Aws Cluster Not In Subnet Group
Description
Identifies Amazon RDS database clusters that are not associated with a DB subnet group. Database clusters without subnet groups lack proper network isolation controls, which could lead to improper network access and potential security risks.
Detection Strategy
• Scans all RDS database clusters in the AWS account
• Checks if each cluster has a DBSubnetGroup configuration
• Reports a vulnerability if the DBSubnetGroup property is empty or missing
• Each vulnerability includes the specific cluster's ARN to identify the affected resource
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.