Ensure AWS RDS uses a modern CaCert
Error: AWS RDS does not use a modern CaCert
Bridgecrew Policy ID: BC_AWS_GENERAL_118
Checkov Check ID: CKV_AWS_211
Severity: LOW
AWS RDS does not use a modern CaCert
Description
By ensuring that your AWS RDS uses a modern CA certificate, you can help ensure that the certificate used to secure connections to your database is up to date and free of known vulnerabilities. This can help protect your database from potential attacks and improve the overall security of your system.
Fix - Runtime
Fix - Buildtime
Terraform
resource "aws_db_instance" "pass" {
  allocated_storage                   = 20
  storage_type                        = "gp2"
  engine                              = "mysql"
  engine_version                      = "5.7"
  instance_class                      = "db.t2.micro"
  name                                = "mydb"
  username                            = "foo"
  password                            = "foobarbaz"
  iam_database_authentication_enabled = true
  storage_encrypted                   = true
  # CA certificate identifier evaluated by this check
  ca_cert_identifier                  = "rds-ca-2019"
}
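The same condition can be checked against a rendered plan before apply. The script below is an added example, not Bridgecrew or Checkov code: it walks `terraform show -json` output and reports every aws_db_instance whose ca_cert_identifier is absent or not in an allow-list. The allow-list contents, the function names and the sample plan are assumptions constructed for illustration.

```python
import json

# Assumption: the only identifier this page shows as passing is "rds-ca-2019".
ALLOWED_CA_CERTS = {"rds-ca-2019"}


def iter_resources(module):
    """Yield every resource in a plan module, descending into child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def find_noncompliant(plan, allowed=ALLOWED_CA_CERTS):
    """Return (address, ca_cert_identifier) for each aws_db_instance not in `allowed`."""
    root = plan.get("planned_values", {}).get("root_module", {})
    findings = []
    for res in iter_resources(root):
        if res.get("type") != "aws_db_instance":
            continue
        # A missing or null value means the certificate is not pinned in code.
        ca = (res.get("values") or {}).get("ca_cert_identifier")
        if ca not in allowed:
            findings.append((res.get("address"), ca))
    return findings


# Constructed sample in the shape of `terraform show -json` output.
SAMPLE_PLAN = json.loads("""
{
  "planned_values": {"root_module": {
    "resources": [
      {"address": "aws_db_instance.pass", "type": "aws_db_instance",
       "values": {"engine": "mysql", "ca_cert_identifier": "rds-ca-2019"}},
      {"address": "aws_db_instance.unset", "type": "aws_db_instance",
       "values": {"engine": "mysql", "ca_cert_identifier": null}},
      {"address": "aws_s3_bucket.logs", "type": "aws_s3_bucket", "values": {}}
    ],
    "child_modules": [{"address": "module.db", "resources": [
      {"address": "module.db.aws_db_instance.old", "type": "aws_db_instance",
       "values": {"ca_cert_identifier": "rds-ca-2015"}}
    ]}]
  }}
}
""")

if __name__ == "__main__":
    for address, ca in find_noncompliant(SAMPLE_PLAN):
        print(f"FAIL {address}: ca_cert_identifier={ca!r}")
```

Instances declared inside child modules are included, since a root-only scan would miss them.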