Neptune cluster replicates to a publicly accessible Neptune instance

rds
This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Description

A private Neptune cluster replicating to a publicly accessible Neptune read replica instance increases the likelihood of unauthorized data access. If the public Neptune read replica instance is accessed, it could lead to unauthorized data access or destruction of sensitive information replicated from the private Neptune cluster.

Remediation

  1. Create a new Neptune read replica instance. Review Adding Neptune reader instances to a DB Cluster for more information on how to create a Neptune read replica instance.

Note: You cannot change public accessibility on a Neptune read replica instance. If you need to disable public accessibility, create a new Neptune read replica instance and migrate the data to the new instance.