Database Security Groups Exposing Public Access
This bot identifies databases with security groups that have the database port open to the world, i.e., 0.0.0.0/0. Because a database can reside in multiple security groups, this bot automates the examination of all attached security groups to discover public access in any one of them. This bot works with Amazon Web Services (AWS) only.
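The check described above, sketched as an added example (not the bot's own code). It assumes inputs shaped like the boto3 `describe_db_instances` and `describe_security_groups` responses; all group and database names are constructed sample values.

```python
import ipaddress

WORLD = ipaddress.ip_network("0.0.0.0/0")

def rule_exposes_port(rule, db_port):
    """True if one ingress rule opens db_port to 0.0.0.0/0."""
    proto = rule.get("IpProtocol")
    if proto == "tcp":
        # A port range counts if the database port falls anywhere inside it.
        if not rule["FromPort"] <= db_port <= rule["ToPort"]:
            return False
    elif proto != "-1":  # "-1" means all protocols and all ports
        return False
    return any(ipaddress.ip_network(r["CidrIp"], strict=False) == WORLD
               for r in rule.get("IpRanges", []))

def public_databases(db_instances, security_groups):
    """Map each exposed database id to the attached groups that expose it."""
    groups = {g["GroupId"]: g for g in security_groups}
    findings = {}
    for db in db_instances:
        port = db["Endpoint"]["Port"]
        hits = []
        for ref in db.get("VpcSecurityGroups", []):  # every attached group is checked
            group = groups.get(ref["VpcSecurityGroupId"], {})
            if any(rule_exposes_port(r, port) for r in group.get("IpPermissions", [])):
                hits.append(ref["VpcSecurityGroupId"])
        if hits:
            findings[db["DBInstanceIdentifier"]] = hits
    return findings

def _rule(proto, lo, hi, cidr):  # builds a constructed sample ingress rule
    return {"IpProtocol": proto, "FromPort": lo, "ToPort": hi,
            "IpRanges": [{"CidrIp": cidr}]}

def _db(name, port, *sgs):  # builds a constructed sample database record
    return {"DBInstanceIdentifier": name, "Endpoint": {"Port": port},
            "VpcSecurityGroups": [{"VpcSecurityGroupId": s} for s in sgs]}

# Constructed sample data: four security groups and three databases.
SAMPLE_GROUPS = [
    {"GroupId": "sg-app", "IpPermissions": [_rule("tcp", 5432, 5432, "10.0.0.0/8")]},
    {"GroupId": "sg-legacy", "IpPermissions": [_rule("tcp", 3000, 6000, "0.0.0.0/0")]},
    {"GroupId": "sg-web", "IpPermissions": [_rule("tcp", 443, 443, "0.0.0.0/0")]},
    {"GroupId": "sg-all", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]
SAMPLE_DBS = [_db("orders-db", 5432, "sg-app", "sg-legacy"),
              _db("reports-db", 3306, "sg-app", "sg-web"),
              _db("audit-db", 1433, "sg-all")]

if __name__ == "__main__":
    print(public_databases(SAMPLE_DBS, SAMPLE_GROUPS))
```

In the sample, `reports-db` is not flagged: one of its groups is open to the world, but only on port 443, not on the database port.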
Recommended Action
Notify the database owner of the exposure to confirm whether it is required. If it is not required, examine the non-compliant database and delete the offending resource access list rule in its dependencies.
Severity
High
Resource Types Inspected
Database Instance
Reactive Hookpoints
None