Preventing Public Accessibility on DB Instances
When to Enable Public Accessibility
To enhance the security of AWS RDS and DB instances, they should not have public accessibility enabled. Restricting unauthorized access will minimize the risk of compromise to your DB instances. To accomplish this and prevent public accessibility, your organization can utilize IAM policies and security groups.
Transcription
Restriction of access to RDS instances is a critical part of your AWS security posture. The organization should restrict access using a combination of both Identity and Access Management policies as well as security groups. Restriction of access to EC2 instance internal connections as well as using IAM policies to restrict access to the RDS control panel will help you, as an organization, ensure that you have appropriately protected your RDS deployments.