Ensure Neptune cluster instance is not publicly available

Error: Neptune cluster instance is publicly available

Bridgecrew Policy ID: BC_AWS_GENERAL_42
Checkov Check ID: CKV_AWS_102
Severity: HIGH

Neptune cluster instance is publicly available

Description

This check verifies that your Neptune database resource is not public. Not being public is the resource's default behavior.

Fix - Runtime

AWS Console

TBA

Fix - Buildtime

Terraform

  • Resource: aws_neptune_cluster_instance
  • Argument: publicly_accessible. This defaults to false, so the check ensures the argument is either missing or set to false.
resource "aws_neptune_cluster_instance" "example" {
  count              = 2
  cluster_identifier = aws_neptune_cluster.default.id
  engine             = "neptune"
  instance_class     = "db.r4.large"
  apply_immediately  = true
}
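
The same rule can also be checked against a rendered plan. The script below is an added example, not Checkov's or Bridgecrew's own implementation: it walks the `resource_changes` list from `terraform show -json` output and reports Neptune instances that set `publicly_accessible = true`. Treating a value that is unknown until apply as a failure is a choice made for this example, and the function name and sample resource addresses are constructed for illustration.

```python
import json
import sys

RESOURCE_TYPE = "aws_neptune_cluster_instance"

def public_neptune_instances(plan):
    """Return (address, reason) for every planned Neptune instance that is
    public or whose publicly_accessible value is not known until apply."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != RESOURCE_TYPE:
            continue
        change = rc.get("change") or {}
        after = change.get("after")
        if after is None:  # resource is being destroyed, nothing to check
            continue
        unknown = change.get("after_unknown")
        if isinstance(unknown, dict) and unknown.get("publicly_accessible") is True:
            findings.append((rc["address"], "value unknown until apply"))
        elif after.get("publicly_accessible") is True:
            findings.append((rc["address"], "publicly_accessible = true"))
    return findings

def _change(address, after, unknown=None, rtype=RESOURCE_TYPE):
    # Hypothetical helper: builds one constructed resource_changes entry.
    return {"address": address, "type": rtype,
            "change": {"after": after, "after_unknown": unknown or {}}}

# Constructed sample, not output from a real plan.
SAMPLE_PLAN = {"resource_changes": [
    _change("aws_neptune_cluster_instance.example[0]", {"instance_class": "db.r4.large"}),
    _change("aws_neptune_cluster_instance.private", {"publicly_accessible": False}),
    _change("aws_neptune_cluster_instance.exposed", {"publicly_accessible": True}),
    _change("aws_neptune_cluster_instance.computed", {}, {"publicly_accessible": True}),
    _change("aws_neptune_cluster_instance.retired", None),
    _change("aws_db_instance.other", {"publicly_accessible": True}, rtype="aws_db_instance"),
]}

if __name__ == "__main__":
    # With a path argument, read real `terraform show -json` output instead.
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PLAN
    results = public_neptune_instances(plan)
    for address, reason in results:
        print(f"FAIL {address}: {reason}")
    sys.exit(1 if results else 0)
```

The non-zero exit status on any finding lets the script gate a CI step before `terraform apply`.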
