
Rule: RDS DB instances should prohibit public access

This rule ensures that RDS DB instances do not allow public access for security purposes.

Rule: RDS DB instances should prohibit public access
Framework: NIST 800-171 Revision 2
Severity: High

Rule Description:

RDS (Amazon Relational Database Service) DB instances should prohibit public access in order to comply with NIST 800-171 Revision 2 guidelines. This rule ensures that the DB instances are not accessible from the internet, reducing the risk of unauthorized access and potential security breaches.

Troubleshooting Steps:

If public access to the RDS DB instances is detected, follow the troubleshooting steps below to remediate the issue:

  1. Identify the affected RDS DB instance(s).
  2. Check the network configuration and security groups associated with the RDS DB instance(s).
  3. Verify that the "Publicly Accessible" option is set to "No".
  4. Check if any ingress rules in the associated security groups allow public access.
  5. Review the routing rules in the VPC (Virtual Private Cloud) for any potential misconfigurations.
  6. Ensure that the RDS DB instance(s) are located in a private subnet rather than a public one.
  7. If necessary, adjust the network and security group settings to prevent public access.

Necessary Codes:

There are no specific codes for this rule, as it primarily involves adjusting the network and security group configurations. However, you may need to use the AWS CLI (Command Line Interface) or the AWS Management Console to perform the necessary tasks.

Step-by-Step Guide:

Follow the step-by-step guide below to remediate the public access issue for RDS DB instances:

  1. Log in to the AWS Management Console.
  2. Open the Amazon RDS service.
  3. Identify the RDS DB instance(s) that allow public access.
  4. Select the RDS DB instance you want to modify.
  5. In the "Details" section, locate the "Connectivity & security" tab.
  6. Ensure that the "Publicly Accessible" option is set to "No". If not, modify the option and save the changes.
  7. Navigate to the "Instances" section in the left-hand menu.
  8. Select the security group associated with the RDS DB instance.
  9. Review the inbound rules and ensure that there are no open ports or any rule allowing access from the internet (0.0.0.0/0).
  10. If you find any ingress rules allowing public access, remove or modify them accordingly.
  11. Navigate to the VPC service in the AWS Management Console.
  12. Review the route tables and ensure that the RDS DB instance is associated with a private subnet rather than a public subnet.
  13. If necessary, modify the routing rules to prevent public access to the RDS DB instance.
  14. Repeat these steps for any other affected RDS DB instances.

By following these steps, you will secure your RDS DB instances by prohibiting public access, thus ensuring compliance with NIST 800-171 Revision 2 guidelines.
