Publicly Accessible RDS instance uses a common master database username

Description

A publicly accessible database that uses a common master database username is more likely to be compromised by a brute force attack, because these usernames are well known and frequently targeted by attackers. The master database username is the default username created when the database is provisioned, and it typically grants full access to the database, which an attacker can use for unauthorized data access or destruction of sensitive information.

Remediation

  1. Modify the database instance to disable public accessibility. Review Hiding a DB instance in a VPC from the internet for more information on how to disable public accessibility.

Note: You cannot change the master username without creating a new RDS instance. If you need to change the master username, create a new RDS instance and migrate the data to the new instance.
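The following added example (not part of the original rule or of any vendor's detection code) shows one way to apply this check to the output of `aws rds describe-db-instances` and to produce the AWS CLI command for remediation step 1. The set of "common" usernames and the sample instances are assumptions constructed for illustration.

```python
import json
import shlex

# Assumption: the page does not enumerate "common" usernames; tune this set.
COMMON_MASTER_USERNAMES = {"admin", "administrator", "root", "master",
                           "postgres", "mysql", "sa", "dbadmin"}

# Constructed sample in the shape of `aws rds describe-db-instances` output.
SAMPLE_RESPONSE = json.loads("""
{"DBInstances": [
  {"DBInstanceIdentifier": "orders-prod", "MasterUsername": "admin", "PubliclyAccessible": true},
  {"DBInstanceIdentifier": "analytics", "MasterUsername": "Postgres", "PubliclyAccessible": true},
  {"DBInstanceIdentifier": "internal-batch", "MasterUsername": "root", "PubliclyAccessible": false},
  {"DBInstanceIdentifier": "reports", "MasterUsername": "svc_reports_7f3", "PubliclyAccessible": true}
]}
""")


def find_risky_instances(response, common=COMMON_MASTER_USERNAMES):
    """Return instances that are both public and use a common master username."""
    findings = []
    for db in response.get("DBInstances", []):
        username = db.get("MasterUsername") or ""
        # Compare case-insensitively so "Postgres" matches "postgres".
        if db.get("PubliclyAccessible") is True and username.lower() in common:
            findings.append({"id": db["DBInstanceIdentifier"], "username": username})
    return findings


def remediation_command(instance_id):
    """AWS CLI command for remediation step 1 (disable public accessibility)."""
    return ("aws rds modify-db-instance --db-instance-identifier "
            f"{shlex.quote(instance_id)} --no-publicly-accessible")


if __name__ == "__main__":
    for finding in find_risky_instances(SAMPLE_RESPONSE):
        print(f"{finding['id']}: public, master username {finding['username']!r}")
        print("  fix:", remediation_command(finding["id"]))
```

The private instance with username `root` and the public instance with a non-guessable username are not reported, because the rule requires both conditions together.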
