AWS-RDS-RDS-Publicly-Accessible

Severity: Critical

Description: This control ensures that an RDS DB instance is not associated with a public subnet. Resources such as RDS DB instances should not be placed in a public subnet unless absolutely needed, because they can be accessed from the Internet.

Remediation Steps:

Perform the following steps to remove public access from the RDS instance:

  1. Log in to the AWS Management Console at https://console.aws.amazon.com as root user.

  2. Navigate to the VPC console.

  3. In the navigation pane, choose Route Tables.

  4. Click on the route table to be modified.

  5. Under the route table description, select the Routes tab and click Edit Routes.

  6. Remove any routes that provide public access and modify other routes accordingly.

  7. Click on Save routes.
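
To find which route table to modify in step 4, the following added example (not part of the original page or any vendor tooling) resolves each subnet of an instance's DB subnet group to its effective route table and reports routes that target an internet gateway. The function names and all IDs are assumptions; the sample data is constructed in the shape of `aws ec2 describe-route-tables` and `aws rds describe-db-instances` output.

```python
# Constructed sample data, shaped like `aws ec2 describe-route-tables` and
# `aws rds describe-db-instances` output. All IDs are made up.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main0001", "VpcId": "vpc-example01",
     "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example01", "State": "active"}]},
    {"RouteTableId": "rtb-public01", "VpcId": "vpc-example01",
     "Associations": [{"Main": False, "SubnetId": "subnet-aaaa0001"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example01", "State": "active"}]},
]
DB_INSTANCE = {"DBInstanceIdentifier": "orders-db",
               "DBSubnetGroup": {"VpcId": "vpc-example01",
                                 "Subnets": [{"SubnetIdentifier": "subnet-aaaa0001"},
                                             {"SubnetIdentifier": "subnet-bbbb0002"}]}}

def igw_routes(route_table):
    """Destinations of active routes that target an internet gateway."""
    return [r.get("DestinationCidrBlock") or r.get("DestinationIpv6CidrBlock")
            for r in route_table.get("Routes", [])
            if r.get("GatewayId", "").startswith("igw-") and r.get("State") == "active"]

def effective_route_table(subnet_id, vpc_id, route_tables):
    """Explicitly associated table if any, otherwise the VPC's main table."""
    main = None
    for rt in route_tables:
        if rt.get("VpcId") != vpc_id:
            continue
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet_id:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def public_subnet_findings(db_instance, route_tables):
    """(subnet, route table, public destinations) for each public subnet of the instance."""
    group = db_instance["DBSubnetGroup"]
    findings = []
    for subnet in group["Subnets"]:
        rt = effective_route_table(subnet["SubnetIdentifier"], group["VpcId"], route_tables)
        dests = igw_routes(rt) if rt else []
        if dests:
            findings.append((subnet["SubnetIdentifier"], rt["RouteTableId"], dests))
    return findings

if __name__ == "__main__":
    for subnet, rtb, dests in public_subnet_findings(DB_INSTANCE, ROUTE_TABLES):
        print(f"{DB_INSTANCE['DBInstanceIdentifier']}: {subnet} is public via {rtb} routes {dests}")
```

A subnet with no explicit association inherits the VPC's main route table, so an internet gateway route there exposes every such subnet in the DB subnet group.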


Blue Hexagon Proprietary