RDS database instances should use a non-default port このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。
Description Confirm Amazon RDS database instances are not using default ports. This includes default ports such as MySQL/Aurora port 3306, SQL Server port 1433, and PostgreSQL port 5432.
Rationale Using a custom port can protect against potential brute-force and dictionary attacks.
From the console Follow the Modifying an Amazon RDS DB instance docs to verify you’re not using a default. You can modify your port by modifying that DB instance settings .
From the command line Run create-db-snapshot
with your database instance and snapshot identifiers to create a snapshot .
Copy
aws rds create-db-snapshot \
--db-instance-identifier database-mysql \
--db-snapshot-identifier snapshotidentifier
Run modify-db-instance
with a new, valid port number. A list of port numbers are available .
Copy
aws rds modify-db-instance \
--db-instance-identifier database-identifier \
--option-group-name test-group-name \
--db-parameter-group-name test-sqlserver-name \
--apply-immediately