Ensure RDS database does not have unrestricted security group attached
Error: RDS database has unrestricted security group attached
Bridgecrew Policy ID: BC_AWS_NETWORKING_13
Severity: CRITICAL
RDS database has unrestricted security group attached
Description
A publicly accessible database end-point would be vulnerable to brute force login attempts and subsequent data leak/loss. Unauthorized access attempts should be restricted to minimize security risks.
Fix - Runtime
Procedure
To restrict access to any publicly accessible RDS database instance, you must disable the database Publicly Accessible flag and update the VPC security group associated with the instance.
Updated about 2 years ago