RDS cluster replicates to a publicly accessible RDS instance

rds

Description

A private RDS cluster replicating to a publicly accessible RDS read replica instance increases the likelihood of unauthorized data access. If the public RDS read replica instance is accessed, it could lead to unauthorized data access or destruction of sensitive information replicated from the private RDS cluster.

Remediation

  1. Modify the database instance to disable public accessibility. Review Hiding a DB instance in a VPC from the internet for more information on how to disable public accessibility.