Skip to content

Classical load balancer has unrestricted security group attached

Description

A publicly accessible load balancer would be vulnerable to brute force login attempts and subsequent data leak/loss. Unauthorized access attempts should be restricted to minimize security risks.

Fix - Runtime

Procedure

To restrict access to any publicly accessible load balancer, you must disable the database Publicly Accessible flag and update the VPC security group associated with the instance.