Ensure Neptune Cluster instance is not publicly available

ID

neptune_instance_public

Severity

high

Vendor

AWS

Resource

Amazon Neptune

Tags

reachable

Description

Ensuring that your Amazon Neptune instance is not publicly accessible is a fundamental security measure to protect your data, meet compliance requirements, reduce security risks, and maintain control over who can access your database. Setting publicly_accessible to true requests a public IP address for the instance, so its endpoint can be reached from outside the VPC by anything the attached security groups allow; leaving it false keeps the endpoint reachable only from within the VPC and networks connected to it. Keeping the instance private is a key element of a secure and well-architected AWS environment.

Examples

Buildtime

Terraform

resource "aws_neptune_cluster_instance" "default" {
  count               = 1
  cluster_identifier  = aws_neptune_cluster.default.id
  engine              = "neptune"
  instance_class      = "db.r4.large"
  apply_immediately   = true
  publicly_accessible = true (1)
}
1 publicly_accessible = true exposes the instance outside the VPC; this is the configuration the check flags.

Mitigation / Fix

Buildtime

Terraform

resource "aws_neptune_cluster_instance" "default" {
  count               = 1
  cluster_identifier  = aws_neptune_cluster.default.id
  engine              = "neptune"
  instance_class      = "db.r4.large"
  apply_immediately   = true
  publicly_accessible = false (1)
}
1 Set publicly_accessible to false, or omit it: the provider default is also false.
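The following is an added example, not code from this page or from any scanner it describes, showing how the buildtime check above can be implemented as a small static scan over Terraform text. It walks every aws_neptune_cluster_instance resource, treats an omitted publicly_accessible as the provider default (false), and reports values that cannot be evaluated statically (for example a variable reference) as UNKNOWN rather than silently passing them. The resource names and the sample HCL below are constructed for the example; the regex-based parsing is an assumption that is adequate for the flat resource shape shown on this page, not a full HCL parser.

```python
import re

# Assumed for this example: a resource block is "resource "<type>" "<name>" { ... }"
# whose closing brace sits at column 0. Nested blocks such as tags = { ... }
# close with an indented brace, so they do not terminate the match early.
RESOURCE_RE = re.compile(
    r'resource\s+"(?P<type>[^"]+)"\s+"(?P<name>[^"]+)"\s*\{(?P<body>.*?)\n\}',
    re.DOTALL,
)
# One attribute per line; '#' comments are excluded from the captured value.
ATTR_RE = re.compile(r'^\s*publicly_accessible\s*=\s*(?P<value>[^\n#]+)', re.MULTILINE)

NEPTUNE_INSTANCE = "aws_neptune_cluster_instance"


def check_neptune_public(hcl: str):
    """Return [(resource_address, verdict), ...] for every Neptune cluster instance.

    FAILED  - publicly_accessible = true
    PASSED  - publicly_accessible = false, or the attribute is omitted
              (the provider default is false)
    UNKNOWN - the value is an expression (var.x, local.y, ...) that a static
              scan cannot resolve; review it rather than assume it is safe
    """
    results = []
    for m in RESOURCE_RE.finditer(hcl):
        if m.group("type") != NEPTUNE_INSTANCE:
            continue
        address = f'{m.group("type")}.{m.group("name")}'
        attr = ATTR_RE.search(m.group("body"))
        if attr is None:
            results.append((address, "PASSED"))  # omitted -> default false
            continue
        # Drop a trailing "//" comment, surrounding quotes and case before comparing.
        value = attr.group("value").split("//")[0].strip().strip('"').lower()
        if value == "true":
            results.append((address, "FAILED"))
        elif value == "false":
            results.append((address, "PASSED"))
        else:
            results.append((address, "UNKNOWN"))
    return results


def failing_resources(hcl: str):
    """Addresses of Neptune instances explicitly set to publicly_accessible = true."""
    return [addr for addr, verdict in check_neptune_public(hcl) if verdict == "FAILED"]


# Constructed sample input covering the four cases the check distinguishes,
# plus an unrelated resource type that must be ignored.
SAMPLE_HCL = """
resource "aws_neptune_cluster_instance" "exposed" {
  cluster_identifier  = aws_neptune_cluster.default.id
  engine              = "neptune"
  instance_class      = "db.r5.large"
  publicly_accessible = true
}

resource "aws_neptune_cluster_instance" "private" {
  cluster_identifier  = aws_neptune_cluster.default.id
  engine              = "neptune"
  instance_class      = "db.r5.large"
  publicly_accessible = false
}

resource "aws_neptune_cluster_instance" "default_only" {
  cluster_identifier  = aws_neptune_cluster.default.id
  engine              = "neptune"
  instance_class      = "db.r5.large"
  tags = {
    Name = "no explicit setting"
  }
}

resource "aws_neptune_cluster_instance" "dynamic" {
  cluster_identifier  = aws_neptune_cluster.default.id
  engine              = "neptune"
  instance_class      = "db.r5.large"
  publicly_accessible = var.expose_db
}

resource "aws_db_instance" "rds" {
  publicly_accessible = true
}
"""

if __name__ == "__main__":
    for address, verdict in check_neptune_public(SAMPLE_HCL):
        print(f"{verdict:8s} {address}")
```

Treating unresolved expressions as UNKNOWN instead of PASSED matters in practice: a module that takes publicly_accessible from a variable is exactly the case where a later tfvars change can flip the instance to public without touching the resource block the check was looking at.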