Bamboo Data Center / BAM-25724

Bamboo security groups for elastic agents are too wide open.

Details

    • Suggestion
    • Resolution: Unresolved
    • Security

    Description

      Elastic Bamboo automatically generates the `elasticbamboo` security group, and attaches it to the EC2 instance running the agent.

      The inbound rules on this SG allow all traffic on the exposed ports:

      This poses a potential security vulnerability.

      Even after all Elastic Instances have been terminated, the SG remains, and at the very least will appear on security scans.

      There should be an option to change the 'source' value for the SG to a specific CIDR rather than "0.0.0.0/0".

          People

            Unassigned
            rwatson@atlassian.com Robert W
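An added example, not part of the ticket or of Bamboo itself: an audit helper that reads `aws ec2 describe-security-groups` JSON, reports every world-open ingress entry on the `elasticbamboo` group, and builds the equivalent rules scoped to a single CIDR. The group id, port numbers and replacement CIDR are constructed sample values; the ticket does not list the actual ports.

```python
import ipaddress

# Constructed sample shaped like `aws ec2 describe-security-groups` output.
# Group id and ports are placeholders, not values taken from the ticket.
SAMPLE = {"SecurityGroups": [{
    "GroupId": "sg-0123456789abcdef0",
    "GroupName": "elasticbamboo",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 8000, "ToPort": 8000,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}, {"CidrIp": "10.20.0.0/16"}],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
    ],
}]}

def is_world_open(cidr):
    """True when the CIDR covers the whole IPv4 or IPv6 address space."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def world_open_rules(doc, group_name="elasticbamboo"):
    """Return (group_id, protocol, from_port, to_port, cidr) per world-open entry."""
    findings = []
    for sg in doc.get("SecurityGroups", []):
        if sg.get("GroupName") != group_name:
            continue
        for perm in sg.get("IpPermissions", []):
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in filter(is_world_open, cidrs):
                findings.append((sg["GroupId"], perm["IpProtocol"],
                                 perm.get("FromPort"), perm.get("ToPort"), cidr))
    return findings

def restricted_permissions(findings, allowed_cidr):
    """Build IpPermissions entries granting the same ports to one CIDR only."""
    net = ipaddress.ip_network(allowed_cidr)  # strict: rejects host bits set
    if net.prefixlen == 0:
        raise ValueError("replacement CIDR must not be world-open")
    rng, field = ("Ipv6Ranges", "CidrIpv6") if net.version == 6 else ("IpRanges", "CidrIp")
    out = []
    for proto, lo, hi in sorted({f[1:4] for f in findings}, key=str):
        perm = {"IpProtocol": proto, rng: [{field: str(net)}]}
        if lo is not None:  # protocol "-1" rules carry no port range
            perm.update(FromPort=lo, ToPort=hi)
        out.append(perm)
    return out

if __name__ == "__main__":
    print(restricted_permissions(world_open_rules(SAMPLE), "10.20.0.0/16"))
```

The returned list has the `IpPermissions` shape that the EC2 authorize and revoke ingress calls accept, so the world-open entries can be revoked and the scoped ones authorized in their place.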