AWS best practice to not use the default VPC for workflows
Default Severity: high
Explanation
Default VPC does not have a lot of the critical security features that standard VPC comes with, new resources should not be created in the default VPC and it should not be present in the Terraform.
Possible Impact
The default VPC does not have critical security features applied
Suggested Resolution
Create a non-default vpc for resources to be created in
Insecure Example
The following example will fail the aws-ec2-no-default-vpc check.
resource "aws_default_vpc" "default" {
tags = {
Name = "Default VPC"
}
}
Secure Example
The following example will pass the aws-ec2-no-default-vpc check.
# no aws default vpc present