AWS Config Rule: RDS DB Security Group Not Allowed

RDS_DB_SECURITY_GROUP_NOT_ALLOWED

Ryan Ware

Last Update 9 months ago

Description: Checks if there are any Amazon Relational Database Service (RDS) DB security groups that are not the default DB security group. The rule is NON_COMPLIANT if there are any DB security groups that are not the default DB security group.


Trigger type: Configuration changes


AWS Region: Only available in Europe (Ireland), South America (Sao Paulo), US East (N. Virginia), Asia Pacific (Tokyo), US West (Oregon), US West (N. California), Asia Pacific (Singapore), Asia Pacific (Sydney) Region


How to Manually Resolve

This AWS Config Rule focuses on RDS DB Security Groups. You may find that your RDS instances all reside in a VPC and therefore use VPC Security Groups. The rule is aimed at legacy builds and may not be of use for modern builds using Amazon RDS.


If you have resources in EC2-Classic that need migrating to a VPC, we recommend that you follow this AWS Blog, which details the steps to migrate or recreate resources in a VPC.


This is because it is not possible to create a new RDS DB Security Group if you have an RDS DB using the default RDS DB Security Group.
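
A manual check matching the rule description above, added here as an example (not StackZone's or AWS's own code): it applies the rule's stated logic to the JSON returned by `aws rds describe-db-security-groups` and lists the ingress each non-default group still authorizes, which is what has to be recreated on a VPC security group. The sample response is constructed, and treating the group named `default` as the default DB security group is an assumption.

```python
import json

# Constructed sample shaped like `aws rds describe-db-security-groups` output.
SAMPLE = json.loads("""
{"DBSecurityGroups": [
  {"DBSecurityGroupName": "default",
   "DBSecurityGroupDescription": "default",
   "EC2SecurityGroups": [], "IPRanges": []},
  {"DBSecurityGroupName": "legacy-app-db",
   "DBSecurityGroupDescription": "constructed example group",
   "EC2SecurityGroups": [{"Status": "authorized",
                          "EC2SecurityGroupName": "legacy-app",
                          "EC2SecurityGroupOwnerId": "111122223333"}],
   "IPRanges": [{"Status": "authorized", "CIDRIP": "203.0.113.0/24"},
                {"Status": "revoked", "CIDRIP": "198.51.100.7/32"}]}
]}
""")


def evaluate(response):
    """Return (compliance, findings) for one describe-db-security-groups response."""
    findings = []
    for group in response.get("DBSecurityGroups", []):
        name = group.get("DBSecurityGroupName", "")
        if name == "default":
            # Assumption: the default DB security group is the one named "default".
            continue
        # Keep only ingress still in force; revoked entries need no migration.
        cidrs = [r["CIDRIP"] for r in group.get("IPRanges", [])
                 if r.get("Status") == "authorized"]
        ec2 = [g.get("EC2SecurityGroupId") or g.get("EC2SecurityGroupName")
               for g in group.get("EC2SecurityGroups", [])
               if g.get("Status") == "authorized"]
        findings.append({"name": name, "cidrs": cidrs, "ec2_groups": ec2})
    return ("NON_COMPLIANT" if findings else "COMPLIANT"), findings


if __name__ == "__main__":
    status, findings = evaluate(SAMPLE)
    print(status)
    for f in findings:
        print(f"{f['name']}: CIDRs={f['cidrs']} EC2 groups={f['ec2_groups']}")
```

To run it against a real account, replace `SAMPLE` with the parsed output of `aws rds describe-db-security-groups` for each Region in which the rule is available.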

