• caglararli@hotmail.com
  • 05386281520

Risk for a public RDS database on AWS

Çağlar Arlı      -    37 Views

Risk for a public RDS database on AWS

I have a RDS database on a VPC which is public with a password.

I have some lambda functions (that are not in a VPC) that communicates with this database. To be able to do that I had to modify the security group of my database that allows all trafic for any IP adresses.

For me it's the easiest solution, I don't have to pay for anything (NAT Gateway...), my Lambda function have access to internet and finally I can have access to my database locally.

What I did is the easiest for me but I can of understand that to have a public database is risky. But I don't really understand why ? How can someone have the public address of my database if I just keep it for myself ? Should I filter with the IP address or it is not enough ?