7Oca
Risk for a public RDS database on AWS
I have a RDS database on a VPC which is public with a password.
I have some lambda functions (that are not in a VPC) that communicates with this database. To be able to do that I had to modify the security group of my database that allows all trafic for any IP adresses.
For me it's the easiest solution, I don't have to pay for anything (NAT Gateway...), my Lambda function have access to internet and finally I can have access to my database locally.
What I did is the easiest for me but I can of understand that to have a public database is risky. But I don't really understand why ? How can someone have the public address of my database if I just keep it for myself ? Should I filter with the IP address or it is not enough ?