Use Case for AWS RDS DB Instances should not be publicly accessible
Quick Links
- Configure AWS RDS DB Instances should not be publicly accessible
- Use Case for AWS RDS DB Instances should not be publicly accessible
- Triage Guides by Violation Type
When should I disable AWS RDS public access?
It is generally not desired to enable PubliclyAccessible for an AWS RDS instance as it increases exposure to security risks. Allowing public access provisions a publicly accessible DNS record for the database instance. Potentially making it vulnerable to unauthorized access and data breaches. This feature also increases the likelihood of Distributed Denial of Service (DDoS) attacks, which can disrupt the availability of your database.
In some use cases, PubliclyAccessible may be required. In these situations, it is crucial to consider other risk mitigations such as IP whitelisting.