Database Migration Service unrestricted traffic by port

Network misconfigurations

Database Migration Service unrestricted traffic by port

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

HITRUST
NIST 800-53

Description

Database Migration Services (DMS) are associated with security groups in order to allow other users to access it. DMS replication ""{AwsDmsReplicationInstance}"" is associated with security groups which allow inbound access from unspecified port. These security groups are - {AwsDmsReplicationInstance.VpcSecurityGroups}. Allowing unrestricted access to the DMS may put your data at risk

Recommended Mitigation

It is recommended to associate DMS replication with security groups that allow inbound traffic only through explicitly specified port. More information can be found here: https://docs.aws.amazon.com/dms/latest/userguide/CHAP_ReplicationInstance.VPC.html

Database Migration Service unrestricted traffic by port

Description

Need help?