v1.0 for Steampipe, Powerpipe, Flowpipe, 116 plugins, and 44 mods →
Powerpipe Hub 
Hub
Mods
turbot/aws_perimeter
Overview
3Dashboards
62Controls
0Queries
5Variables
GitHub

Control: RDS DB instances should prohibit public access

Description

Manage access to resources in the AWS Cloud by ensuring that RDS instances are not public.

Usage

Run the control in your terminal:

powerpipe control run aws_perimeter.control.rds_db_instance_prohibit_public_access

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run aws_perimeter.control.rds_db_instance_prohibit_public_access --share

Steampipe Tables

aws_rds_db_instance
Amazon Web Services plugin

SQL

select
  arn as resource,
  case
    when publicly_accessible then 'alarm'
    else 'ok'
  end status,
  case
    when publicly_accessible then title || ' publicly accessible.'
    else title || ' not publicly accessible.'
  end reason
  
  , region, account_id
from
  aws_rds_db_instance;

Tags

category = Perimeter
plugin = aws
service = AWS/RDS