Network misconfigurations

Database Migration Service unrestricted traffic by port

Description

Database Migration Service (DMS) replication instances are associated with security groups in order to allow other users to access them. DMS replication instance "{AwsDmsReplicationInstance}" is associated with security groups that allow inbound access on unspecified ports. These security groups are: {AwsDmsReplicationInstance.VpcSecurityGroups}. Allowing unrestricted access to the DMS replication instance may put your data at risk.

Recommended Mitigation

It is recommended to associate the DMS replication instance with security groups that allow inbound traffic only on explicitly specified ports. More information can be found here: https://docs.aws.amazon.com/dms/latest/userguide/CHAP_ReplicationInstance.VPC.html
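
The check described above can be expressed as logic over the security group rules attached to each replication instance. The following is an added example, not part of the original rule text or of any product's implementation; it assumes "unspecified port" means an inbound rule with protocol -1 or a TCP/UDP range starting at 0 or 1 and ending at 65535, and all identifiers and CIDR ranges are constructed sample values.

```python
# Added example. The data is constructed, shaped like the boto3 responses of
# dms.describe_replication_instances() and ec2.describe_security_groups().
SAMPLE_INSTANCES = [
    {"ReplicationInstanceIdentifier": "dms-example-a",
     "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-0aaa", "Status": "active"}]},
    {"ReplicationInstanceIdentifier": "dms-example-b",
     "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-0bbb", "Status": "active"},
                           {"VpcSecurityGroupId": "sg-0ccc", "Status": "active"}]},
]
SAMPLE_GROUPS = [
    {"GroupId": "sg-0aaa", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
         "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}]},
    {"GroupId": "sg-0bbb", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}]},
    {"GroupId": "sg-0ccc", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535,
         "IpRanges": [{"CidrIp": "10.0.1.0/24"}]}]},
]


def covers_all_ports(perm):
    """True if an inbound rule places no restriction on the port (assumed definition)."""
    if perm.get("IpProtocol") == "-1":  # all protocols, so FromPort/ToPort are absent
        return True
    if perm.get("IpProtocol") in ("tcp", "udp"):
        return perm.get("FromPort", -1) in (0, 1) and perm.get("ToPort", -1) == 65535
    return False


def find_unrestricted(instances, groups):
    """Return (instance id, group id, protocol, sources) per unrestricted rule."""
    by_id = {g["GroupId"]: g for g in groups}
    findings = []
    for inst in instances:
        for member in inst.get("VpcSecurityGroups", []):
            group = by_id.get(member["VpcSecurityGroupId"], {})
            for perm in group.get("IpPermissions", []):
                if not covers_all_ports(perm):
                    continue
                sources = [r["CidrIp"] for r in perm.get("IpRanges", [])]
                sources += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
                sources += [p["GroupId"] for p in perm.get("UserIdGroupPairs", [])]
                findings.append((inst["ReplicationInstanceIdentifier"],
                                 member["VpcSecurityGroupId"], perm["IpProtocol"], sources))
    return findings


if __name__ == "__main__":
    for finding in find_unrestricted(SAMPLE_INSTANCES, SAMPLE_GROUPS):
        print(finding)
```

To run it against a real account, replace the sample lists with the `ReplicationInstances` and `SecurityGroups` lists from the two API responses named in the first comment.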