Control: 25 RDS database instances should use a custom administrator username
Description
This control checks whether you've changed the administrative username for Amazon Relational Database Service (Amazon RDS) database instances from the default value. The control fails if the administrative username is set to the default value.
Default administrative usernames on Amazon RDS databases are public knowledge. When creating an Amazon RDS database, you should change the default administrative username to a unique value to reduce the risk of unintended access.
Remediation
To change the administrative username associated with an RDS database instance, first create a new RDS database instance. Change the default administrative username while creating the database.
Usage
Run the control in your terminal:
powerpipe control run aws_compliance.control.foundational_security_rds_25
Snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run aws_compliance.control.foundational_security_rds_25 --share
SQL
This control uses a named query:
rds_db_instance_no_default_admin_name