Network misconfigurations

Database Migration Service unrestricted traffic by protocol


Database Migration Services (DMS) are associated with security groups in order to allow other users to access it. DMS replication ""{AwsDmsReplicationInstance}"" is associated with security groups which allow inbound access with unspecified protocol. These security groups are - {AwsDmsReplicationInstance.VpcSecurityGroups}. Allowing unrestricted access to the DMS may put your data at risk
  • Recommended Mitigation

    It is recommended to associate DMS replication with security groups that allow inbound traffic only with explicitly specified protocol. More information can be found here: <a href="" target="_blank" rel="noopener noreferrer"></a>