- Newest
- Most votes
- Most comments
Hello.
Am I correct in understanding that you are using RDS for the database?
Also, does RDS have public access enabled?
If public access is enabled, we recommend disabling it.
If you can identify the IP address of the access source, you can consider preventing it with security groups or network ACLs.
Also, although it is unclear whether this will directly resolve the issue, I think it would be a good idea to change the DB user name and password.
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html#USER_VPC.Hiding
Also, if the unauthorized access is via a web application, you may want to consider using something like AWS WAF.
To use AWS WAF, you will need ALB and CloudFront, so please set them up if you want to use them.
https://docs.aws.amazon.com/waf/latest/developerguide/getting-started.html
Relevant content
- Accepted Answerasked 2 years ago
- How can I get data to assist in troubleshooting IAM permission access denied or unauthorized errors?AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a month ago
- AWS OFFICIALUpdated 2 years ago