Aws Iam Authentication Disabled
Description
Detects Amazon RDS database instances that don't have IAM database authentication enabled. IAM database authentication provides an additional layer of security by allowing users to authenticate to database instances using IAM credentials instead of passwords, reducing the risk of password exposure and enabling centralized access management.
Detection Strategy
• Scans all RDS database instances in the specified AWS region
• Reports a vulnerability when an RDS instance has IAMDatabaseAuthenticationEnabled set to false
• Each vulnerability includes the specific RDS instance ARN and its current IAM authentication setting
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan.If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.