Control: AWS > CIS v2.0 > 2 - Storage > 2.03 - Relational Database Service (RDS) > 2.03.03 - Ensure that public access is not given to RDS Instance

Configures auditing against a CIS Benchmark item.

Level: 1

Ensure and verify that RDS database instances provisioned in your AWS account do restrict unauthorized access in order to minimize security risks. To restrict access to any publicly accessible RDS database instance, you must disable the database Publicly Accessible flag and update the VPC security group associated with the instance.

Resource Types

This control targets the following resource types:

AWS > RDS > DB Instance

Primary Policies

The following policies can be used to configure this control:

2.03.03 - Ensure that public access is not given to RDS Instance

In Your Workspace

Developers

Control Type URI

tmod:@turbot/aws-cisv2-0#/control/types/r020303

Category URI

tmod:@turbot/cis#/control/categories/v071406

GraphQL

query controlType(id: "tmod:@turbot/aws-cisv2-0#/control/types/r020303") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/aws-cisv2-0#/control/types/r020303'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-cisv2-0#/control/types/r020303"