Product Security Compliance team pulled a new 2024 Q4 quarterly AWS Security Group Rules export from the Quay.io AWS Account. There appear to be many new rules added since the initial review was done during the audit earlier this year.

Please can a member of the Quay.io Engineering team review the new rules in the exported CSV file and add business/technical Justifications for each entry?

Attached are the prior review from the 2024 Audit and the new Security Group Rules export from this month.

Once completed, please upload amended file to this task/issue.

For questions, please reach out to Ben Roose in Product Security Compliance.

Hyperproof Target:
https://hyperproof.app/org/61f1a231-93a0-11ee-bf25-6e706c875063/labels/a7bb57f7-3959-11ef-91f0-32b1c99f3f29