RDS Public Access Enabled
Last updated: April 12, 2025
Details of the Vulnerability
RDS instances with public accessibility pose a significant security risk. Such instances are vulnerable to unauthorized access, which may lead to data breaches. Addressing public accessibility is critical to enhance security and maintain compliance with industry standards.
Impact
Publicly accessible RDS instances are more susceptible to malicious attacks.
The likelihood of unauthorized access to sensitive data increases significantly.
Failure to manage security controls can result in potential compliance violations.
Data breaches can lead to the compromise of sensitive information.
Organizations may face reputational challenges and financial losses.
Resolution Steps
To mitigate this vulnerability and secure RDS access:
Using the AWS Management Console:
Go to the RDS Dashboard.
Select the RDS instance you want to modify.
Find the 'Publicly Accessible' option under the 'Connectivity' settings.
Switch the setting to 'No' to disable public accessibility.
Save your changes to apply the new configuration.
Using the AWS Command Line Interface (CLI):
aws rds modify-db-instance --db-instance-identifier <your-db-instance-id> --no-publicly-accessible
Replace '<your-db-instance-id>' with the identifier of your RDS instance to execute the command.
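An added example, not part of the original page: an audit pass over saved `aws rds describe-db-instances --output json` output that lists every instance with PubliclyAccessible set to true and builds the CLI command above for each one. The sample data, identifiers and function names are constructed for illustration.

```python
import json
import shlex

# Constructed sample shaped like `aws rds describe-db-instances --output json`.
# Identifiers and endpoints are made up for this example.
SAMPLE_OUTPUT = json.loads("""
{"DBInstances": [
  {"DBInstanceIdentifier": "orders-db", "Engine": "postgres",
   "PubliclyAccessible": true,
   "Endpoint": {"Address": "orders-db.example.invalid", "Port": 5432}},
  {"DBInstanceIdentifier": "reports-db", "Engine": "mysql",
   "PubliclyAccessible": false,
   "Endpoint": {"Address": "reports-db.example.invalid", "Port": 3306}},
  {"DBInstanceIdentifier": "staging-db", "Engine": "mysql",
   "PubliclyAccessible": true}
]}
""")


def find_public_instances(describe_output):
    """Return one finding per instance whose PubliclyAccessible flag is true."""
    findings = []
    for inst in describe_output.get("DBInstances", []):
        # Only an explicit boolean true counts; a missing key is not a finding.
        if inst.get("PubliclyAccessible") is True:
            endpoint = inst.get("Endpoint") or {}  # may be absent on a new instance
            findings.append({
                "id": inst["DBInstanceIdentifier"],
                "engine": inst.get("Engine", "unknown"),
                "endpoint": endpoint.get("Address"),
                "port": endpoint.get("Port"),
            })
    return findings


def remediation_commands(findings):
    """Build (but do not run) the modify-db-instance command for each finding."""
    return [
        "aws rds modify-db-instance --db-instance-identifier "
        + shlex.quote(item["id"]) + " --no-publicly-accessible"
        for item in findings
    ]


if __name__ == "__main__":
    found = find_public_instances(SAMPLE_OUTPUT)
    for item in found:
        print(f"PUBLIC  {item['id']}  ({item['engine']})  {item['endpoint']}:{item['port']}")
    for cmd in remediation_commands(found):
        print(cmd)
```

Running the same audit again after the change confirms that no instance is still reported as public.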