Database Security Groups Exposing Public Access

This bot identifies databases with security groups that have the database port open to the world, i.e., 0.0.0.0/0. As a database can reside in multiple security groups, this bot automates the examination of all attached security groups to discover public access in any one. This bot works with Amazon Web Services (AWS) only.

Recommended Action

Notify the database owner of its exposure to confirm the requirement. If not required, examine the non-compliant database and delete the offending resource access list rule in its dependencies.

Severity

High

Resource Types Inspected

Database Instance

Reactive Hookpoints

None