Ensure RDS database does not have unrestricted security group attached

Error: RDS database has unrestricted security group attached

Bridgecrew Policy ID: BC_AWS_NETWORKING_13
Severity: CRITICAL

RDS database has unrestricted security group attached

Description

A publicly accessible database end-point would be vulnerable to brute force login attempts and subsequent data leak/loss. Unauthorized access attempts should be restricted to minimize security risks.

Fix - Runtime

Procedure

To restrict access to any publicly accessible RDS database instance, you must disable the database Publicly Accessible flag and update the VPC security group associated with the instance.


Did this page help you?