AWS Config Rule: RDS Instance Public Access Check

RDS_INSTANCE_PUBLIC_ACCESS_CHECK

Fernando Honig

Last Update há 6 meses

Describe: Checks whether the Amazon Relational Database Service (RDS) instances are not publicly accessible. The rule is non-compliant if the publiclyAccessible field is true in the instance configuration item.


Trigger type: Configuration changes


AWS Region: All supported AWS regions except Asia Pacific (Hyderabad), Europe (Spain) Region


How to Resolve Manually

To resolve this manually, you will need to take a look at the Connectivity portion of your RDS Instance. When creating a new RDS Instance, you have the option to select Yes or No when configuring public access to this instance. By default, it is disabled.


If your instance is already created and you need to manually remove public access, you will need to modify the RDS Instance and toggle the below option back to No


You will then be able to review your changes and either Apply immediately, or Apply during the next scheduled maintenance window.


How to Resolve with StackZone

You can resolve with StackZone by enabling the remediation which will automatically remove public access from your RDS Instance.


To enable this, head to Baseline Services -> Amazon RDS and ensure to toggle on RDS Public Access Disabled Remediation


Want to know more about StackZone and how to make your cloud management simple and secure?

Check our how it works section with easy to follow videos or just create your own StackZone Account here

Was this article helpful?

1 out of 1 liked this article

Still need help? Message Us