Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

Sudden RDS "[Note] Access denied for user 'root'@'xxx.xxx.xxx.xxx' (using password: YES)"

0

2022-09-07T03:13:15.528272Z 4105348 [Note] Access denied for user 'root'@'xxx' (using password: YES) 2022-09-07T03:13:15.555529Z 4105349 [Note] Access denied for user 'root'@'xxx' (using password: YES) 2022-09-07T03:13:15.559440Z 4105350 [Note] Access denied for user 'root'@'xxx' (using password: YES)

Suddenly, the password of the RDS was wrong as above, so access was not possible.

  • Was not in AWS maintenance
  • We're not working on anything
  • We didn't change the password
  • Monitoring figures were not unusual

Access is possible after resetting the maste* password. I've never experienced anything like this before. I'm worried that this will happen again in the future. I wonder why the password was deleted.

I'd appreciate it if you could tell me the cause and prevention method.

Themen
Sicherheit, Identität & KonformitätMigration und ModernisierungAnalysenDatenbank
Tags
AWS Identity and Access ManagementAmazon Relational Database Service
Sprache
English
rePost-User-6654545
gefragt vor 2 Jahren294 Aufrufe
1 Antwort
1

AWS never changes/deletes any of the passwords on the customers' databases. If you have enabled CloudTrail and auditing on the databse, then you can check if anyone was accidentally change the password. This should be the best place to start the root cause analysis.

AWS
D-Rao
beantwortet vor 2 Jahren
profile pictureAWS
EXPERTE
Chris_G
überprüft vor 2 Jahren

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt