fix(rules): Remove unrestricted_all_ports rule from CIS AWS networking

[kunaals]

Type of change

• Bug fix (non-breaking change that fixes an issue)
• New feature (non-breaking change that adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)
• Refactoring (no functional changes)
• Documentation update
• Other (please describe):

Summary

The unrestricted_all_ports rule was incorrectly placed in cis_aws_networking.py despite not being an actual CIS benchmark control:

• It lacked a proper CIS control ID tag (e.g., cis:5.X) - only had cis:aws-5.0 (benchmark version)
• The rule ID was unrestricted_all_ports instead of cis_aws_5_X_... naming convention
• Comments explicitly marked it as "Additional: Unrestricted All Ports" (not a CIS control)
• The existing CIS 5.1 (SSH) and CIS 5.2 (RDP) rules already catch protocol=-1 cases via their OR rule.protocol = '-1' clauses

This PR removes the rule to maintain accuracy of CIS benchmark mappings.

Related issues or links

• Related to feat(rules): Standardize CIS rule IDs with provider prefixes #2334 (feat(rules): Standardize CIS rule IDs with provider prefixes)

Checklist

General

• I have read the contributing guidelines.
• The linter passes locally (make lint).
• I have added/updated tests that prove my fix is effective or my feature works.

Proof of functionality

• New or updated unit/integration tests.

N/A - This is a removal of a rule that had no tests. Existing tests continue to pass.

Notes for reviewers

The rule being removed checked for security groups with protocol = '-1' (all traffic) from 0.0.0.0/0. While this is a valid security concern, it's not a CIS benchmark control. The existing CIS 5.1 and 5.2 rules already catch this case through their OR rule.protocol = '-1' conditions.

🤖 Generated with Claude Code

[cubic-dev-ai]

No issues found across 2 files

[jychp]

LGTM