Data at risk

RDS database cluster snapshot is publicly accessible

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

RDS database cluster snapshots are backups for RDS clusters and can be used to restore a cluster. RDS database cluster snapshot '{AwsRdsDbClusterSnapshot}' is publicly accessible. A public cluster snapshot allows all AWS accounts to copy the snapshot or restore a cluster from it. This means the data in it is exposed to all AWS accounts

  • Recommended Mitigation

    We recommend not to share cluster snapshots publicly in order to protect your information. If a snapshot needs to be shared it should be shared privately with a trusted account. For more information about cluster snapshot sharing: <a href="https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_ShareSnapshot.html" target="_blank" rel="noopener noreferrer">https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_ShareSnapshot.html</a>

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.