Property
Language: terraform
Severity: medium
Service: rds
Provider: aws
Vulnerability Type: omission

Description

RDS database instances for PostgreSQL or MySQL are configured without IAM Database Authentication, meaning access is managed solely through static database credentials instead of AWS IAM identities.

Impact

Without IAM authentication, database access is harder to centrally manage and audit, increasing the risk of credential leaks or unauthorized access. Attackers compromising static credentials could gain persistent access to the database, potentially leading to data breaches or unauthorized data manipulation.

Resolution

Modify PostgreSQL and MySQL RDS instances to enable IAM database authentication.
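
The flagged configuration beside a corrected one, as an added example that is not part of the original rule text. It goes one step beyond the resolution by also defining the IAM policy that lets an identity connect; the resource names, the `app_user` database user and both variables are hypothetical.

```hcl
# Added example; resource names, app_user and the variables are hypothetical.
variable "aws_region" { type = string }
variable "db_password" {
  type      = string
  sensitive = true
}

# Before (flagged): the attribute is unset and defaults to false,
# so access relies only on static database passwords.
resource "aws_db_instance" "flagged" {
  identifier          = "app-db-flagged"
  engine              = "postgres"
  instance_class      = "db.t3.micro"
  allocated_storage   = 20
  username            = "dbadmin"
  password            = var.db_password
  skip_final_snapshot = true
}

# After: IAM database authentication enabled.
resource "aws_db_instance" "app_db" {
  identifier          = "app-db"
  engine              = "postgres"
  instance_class      = "db.t3.micro"
  allocated_storage   = 20
  username            = "dbadmin"
  password            = var.db_password
  skip_final_snapshot = true

  iam_database_authentication_enabled = true
}

data "aws_caller_identity" "current" {}

# Allow rds-db:connect only for one database user on this instance.
data "aws_iam_policy_document" "db_connect" {
  statement {
    effect  = "Allow"
    actions = ["rds-db:connect"]
    resources = [
      "arn:aws:rds-db:${var.aws_region}:${data.aws_caller_identity.current.account_id}:dbuser:${aws_db_instance.app_db.resource_id}/app_user",
    ]
  }
}

resource "aws_iam_policy" "db_connect" {
  name   = "app-db-connect"
  policy = data.aws_iam_policy_document.db_connect.json
}
```

The database user must also be set up for IAM login inside the engine: on PostgreSQL by granting it the `rds_iam` role, on MySQL by creating it with `AWSAuthenticationPlugin`.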