RDS Public Connection and Any IP Access Check

ID: rule:aliyun:rds-public-connection-and-any-ip-access-check
Severity: high

Description

Ensures that RDS instances with public connections do not have a whitelist open to all IPs.

Reason for Violation

An open whitelist combined with a public connection exposes the database to the internet, creating a high security risk.

Recommendation

Disable public connection or restrict the IP whitelist for the RDS instance.

Resource Types

• ALIYUN::RDS::DBInstance