RDS Public Connection and Any IP Access Check

ID: rule:aliyun:rds-public-connection-and-any-ip-access-check
Severity: high
IaC Types: ROS, Terraform

Description

Ensures that RDS instances do not have a completely unrestricted security IP whitelist.

Reason for Violation

An open whitelist combined with a public connection exposes the database to the internet, creating a high security risk.

Recommendation

Restrict security_ips to specific trusted IP ranges instead of allowing all IPs.
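
The weak setting beside a corrected one, as an added Terraform example (not taken from the rule's own documentation). It assumes that 0.0.0.0/0 is the whitelist entry the rule treats as "all IPs"; the resource names, the vswitch_id variable, the instance sizing and the CIDR ranges are constructed sample values.

```hcl
# Assumed input: the VSwitch the instances attach to.
variable "vswitch_id" {
  type = string
}

# Non-compliant: the whitelist admits every IPv4 address.
resource "alicloud_db_instance" "open" {
  engine           = "MySQL"
  engine_version   = "8.0"
  instance_type    = "rds.mysql.s2.large"
  instance_storage = 30
  vswitch_id       = var.vswitch_id
  security_ips     = ["0.0.0.0/0"]
}

# Allocating an Internet connection string on that instance is the
# combination the rule describes: a public endpoint with no IP filtering.
resource "alicloud_db_connection" "open_public" {
  instance_id       = alicloud_db_instance.open.id
  connection_prefix = "example-open"
}

# Compliant: only named, trusted ranges are whitelisted.
resource "alicloud_db_instance" "restricted" {
  engine           = "MySQL"
  engine_version   = "8.0"
  instance_type    = "rds.mysql.s2.large"
  instance_storage = 30
  vswitch_id       = var.vswitch_id

  security_ips = [
    "10.20.0.0/16", # constructed: internal application subnet
    "203.0.113.10", # constructed: single admin egress address
  ]
}
```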

Resource Types

  • ROS: ALIYUN::RDS::DBInstance
  • Terraform: alicloud_db_instance