RDS Cluster IAM authentication disabled

Authentication

RDS Cluster IAM authentication disabled

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

AWS Foundational Security Best Practices Controls
Brazilian General Data Protection (LGPD)
CCPA
GDPR
HITRUST
ISO/IEC 27001
Mitre ATT&CK v12
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
UK Cyber Essentials

Description

Amazon Relational Database Service (RDS) allows setting up a relational database in the cloud. IAM database authentication allows for password-free authentication to RDS databases. We detected {AwsRdsDbCluster.Engine} cluster {AwsRdsDbCluster} is configured with IAM authentication disabled.

Recommended Mitigation

It is recommended to enable IAM database authentication in RDS MySQL or PostgreSQL clusters in order to authenticate safely without the need of a password.

RDS Cluster IAM authentication disabled

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS