Ensure RDS database does not have unrestricted security group attached

Error: RDS database has unrestricted security group attached

Bridgecrew Policy ID: BC_AWS_NETWORKING_13
Severity: CRITICAL

RDS database has unrestricted security group attached

Description

A publicly accessible database end-point would be vulnerable to brute force login attempts and subsequent data leak/loss. Unauthorized access attempts should be restricted to minimize security risks.

Fix - Runtime

Procedure

To restrict access to any publicly accessible RDS database instance, you must disable the database Publicly Accessible flag and update the VPC security group associated with the instance.