Database Migration Service unrestricted traffic by port

Network misconfigurations

Database Migration Service unrestricted traffic by port

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
coppa
CPRA
Data Security Posture Management (DSPM) Best Practices
GDPR
HITRUST
ISO/IEC 27001
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA
UK Cyber Essentials

Description

Database Migration Services (DMS) are associated with security groups in order to allow other users to access it. DMS replication ""{AwsDmsReplicationInstance}"" is associated with security groups which allow inbound access from unspecified port. These security groups are - {AwsDmsReplicationInstance.VpcSecurityGroups}. Allowing unrestricted access to the DMS may put your data at risk

Recommended Mitigation

It is recommended to associate DMS replication with security groups that allow inbound traffic only through explicitly specified port. More information can be found here: <a href="https://docs.aws.amazon.com/dms/latest/userguide/CHAP_ReplicationInstance.VPC.html" target="_blank" rel="noopener noreferrer">https://docs.aws.amazon.com/dms/latest/userguide/CHAP_ReplicationInstance.VPC.html</a>

Database Migration Service unrestricted traffic by port

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS