Skip to content

EC2 instance has unrestricted security group attached

Description

A publicly accessible database end-point would be vulnerable to brute force login attempts and subsequent data leak/loss. To minimize security risks, unauthorized access attempts should be restricted.

Fix - Runtime

Procedure

To restrict access to any publicly accessible RDS database instance, you must disable the database Publicly Accessible flag and update the VPC security group associated with the instance.