AWS AuthorizeDBSecurityGroupIngress
Adds inbound rules to an RDS DB security group, allowing specified IP ranges or EC2 security groups to access the database.
T1562.007: Disable or Modify Cloud Firewall
T1562.007: Disable or Modify Cloud Firewall
Adversaries may disable or modify a firewall within a cloud environment to bypass controls that limit access to cloud resources. Cloud firewalls are separate from system firewalls that are described in Disable or Modify System Firewall.
View on MITRE ATT&CK →AWS AuthorizeSecurityGroupEgress
Adds outbound rules to a VPC security group, permitting traffic from instances to specified destination IP ranges or security groups.
AWS AuthorizeSecurityGroupIngress
Adds inbound rules to a VPC security group, permitting traffic from specified IP ranges or security groups to reach instances.
GCP compute.firewalls.delete
Deletes a firewall rule from a GCP VPC network.
GCP compute.firewalls.patch
Modifies an existing firewall rule in a GCP VPC network.
AWS CreateNetworkAclEntry
Adds an allow or deny rule to a Network ACL, controlling traffic entering or leaving a specific VPC subnet.
AWS DeleteNetworkAcl
Deletes a Network ACL from a VPC; the default NACL cannot be deleted.
AWS DeleteNetworkAclEntry
Removes a rule from a Network ACL, modifying traffic filtering for the associated VPC subnet.
Azure Microsoft.Network/networkSecurityGroups/securityRules/write
Creates or updates a security rule in an Azure Network Security Group, controlling inbound or outbound traffic.