Policy: AWS > CIS v3.0 > 2 - Storage > 2.03 - Relational Database Service (RDS) > 2.03.03 - Ensure that public access is not given to RDS Instance
Configures auditing against a CIS Benchmark item.
Level: 1
Ensure and verify that RDS database instances provisioned in your AWS account do restrict unauthorized access in order to minimize security risks. To restrict access to any publicly accessible RDS database instance, you must disable the database Publicly Accessible flag and update the VPC security group associated with the instance.
Resource Types
This policy targets the following resource types:
Primary Policy
This policy is used with the following primary policy:
Controls
- AWS > CIS v3.0
- AWS > CIS v3.0 > 2 - Storage > 2.03 - Relational Database Service (RDS) > 2.03.03 - Ensure that public access is not given to RDS Instance
- AWS > CIS v3.0 > 2 - Storage
- AWS > CIS v3.0 > 2 - Storage > 2.03 - Relational Database Service (RDS)
Policy Specification
Schema Type |
|
---|---|
Default |
|
Valid Values [YAML] |
|
Category
In Your Workspace
Developers
- tmod:@turbot/cis#/control/categories/v071406
- tmod:@turbot/aws-cisv3-0#/policy/types/r020303
- turbot graphql policy-type --id "tmod:@turbot/aws-cisv3-0#/policy/types/r020303"
- turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/aws-cisv3-0#/policy/types/r020303"
Get Policy TypeGet Policy Settings
Category URI
Policy Type URI
GraphQL
CLI