standard
turbot/aws_compliance

Trigger: Detect & correct RDS DB instances with public access enabled

Detect RDS DB instances with public access enabled and then skip or disable public access.

Query

select
concat(
db_instance_identifier,
' [',
account_id,
'/',
region,
']'
) as title,
db_instance_identifier,
region,
sp_connection_name as conn
from
aws_rds_db_instance
where
publicly_accessible;

Schedule

15m

Tags

category = Compliance
mod = aws
service = AWS/RDS