AWS RDS cluster not configured with IAM authentication

Description

This policy identifies RDS clusters that are not configured with IAM authentication. If you enable IAM authentication you don't need to store user credentials in the database, because authentication is managed externally using IAM. IAM database authentication provides the network traffic to and from database clusters is encrypted using Secure Sockets Layer (SSL), Centrally manage access to your database resources and Profile credentials instead of a password, for greater security.

Code Example

resource "aws_rds_cluster" "enabled" {
    ...
+ iam_database_authentication_enabled = true
}

Remediation

Terraform

Resource: aws_rds_cluster
Arguments: iam_database_authentication_enabled

Rule Details

Field	Value
ID	IAC-0211
Severity	LOW
IaC Type	Cloudformation
Frameworks	CloudFormation, Terraform, TerraformPlan, Serverless
Checkov ID	CKV_AWS_162

References

Checkov Rule

Overview

SAST (Application Security)

SCA (Dependencies)

Secrets Detection

IaC Security

License Compliance

SAST Rules

IaC Rules

License Rules

AWS RDS cluster not configured with IAM authentication

Description

Code Example

Remediation

Rule Details

References

SAST Rules

IaC Rules

License Rules

AWS RDS cluster not configured with IAM authentication ​

Description ​

Code Example ​

Remediation ​

Rule Details ​

References ​

AWS RDS cluster not configured with IAM authentication

Description

Code Example

Remediation

Rule Details

References