
Use Case for AWS RDS DB Instances should not be publicly accessible


When should I disable AWS RDS public access?

Enabling PubliclyAccessible on an AWS RDS instance is generally undesirable because it increases exposure to security risks. Allowing public access provisions a publicly accessible DNS record for the database instance, potentially making it vulnerable to unauthorized access and data breaches. This feature also increases the likelihood of Distributed Denial of Service (DDoS) attacks, which can disrupt the availability of your database.

In some use cases, PubliclyAccessible may be required. In these situations, it is crucial to consider other risk mitigations such as IP whitelisting.
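One way to separate the two situations described above during review, as an added example that is not part of the original page or of any product's own code: it reads data shaped like the AWS CLI's `describe-db-instances` and `describe-security-groups` output and reports whether a publicly accessible instance is at least restricted by source IP. The status labels, instance names and group IDs are hypothetical, and rules that reference other security groups are not evaluated.

```python
# Added example. Sample data is constructed, shaped like the JSON from
# `aws rds describe-db-instances` and `aws ec2 describe-security-groups`.
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}

def rule_covers_port(rule, port):
    """True if a security group ingress rule applies to the given TCP port."""
    if rule.get("IpProtocol") == "-1":  # "-1" means all protocols and ports
        return True
    if rule.get("IpProtocol") != "tcp":
        return False
    return rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535)

def open_to_world(rule):
    """True if the rule admits any IPv4 or IPv6 source address."""
    cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
    return any(c in OPEN_CIDRS for c in cidrs)

def triage(db_instances, security_groups):
    """Map each DB identifier to a status label (labels are hypothetical)."""
    groups = {g["GroupId"]: g for g in security_groups}
    result = {}
    for db in db_instances:
        if not db.get("PubliclyAccessible", False):
            result[db["DBInstanceIdentifier"]] = "private"
            continue
        port = db["Endpoint"]["Port"]
        rules = [rule for sg in db.get("VpcSecurityGroups", [])
                 for rule in groups.get(sg["VpcSecurityGroupId"], {}).get("IpPermissions", [])]
        exposed = any(rule_covers_port(r, port) and open_to_world(r) for r in rules)
        result[db["DBInstanceIdentifier"]] = "public-open" if exposed else "public-restricted"
    return result

SAMPLE_DBS = [  # constructed
    {"DBInstanceIdentifier": "orders-db", "PubliclyAccessible": False, "Endpoint": {"Port": 5432}, "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-aaa"}]},
    {"DBInstanceIdentifier": "partner-db", "PubliclyAccessible": True, "Endpoint": {"Port": 3306}, "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-bbb"}]},
    {"DBInstanceIdentifier": "legacy-db", "PubliclyAccessible": True, "Endpoint": {"Port": 3306}, "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-aaa"}]},
]
SAMPLE_SGS = [  # constructed; 203.0.113.0/24 is a documentation range
    {"GroupId": "sg-aaa", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-bbb", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306, "IpRanges": [{"CidrIp": "203.0.113.10/32"}]}]},
]

if __name__ == "__main__":
    for db_id, status in triage(SAMPLE_DBS, SAMPLE_SGS).items():
        print(f"{db_id}: {status}")
```

An instance reported as `public-open` has PubliclyAccessible enabled with no source-IP restriction on its port, so it should be triaged first.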