my-sql-instance

Overview
Critical: 0
High: 1
Medium: 9
Low: 1
Informational: 0
Security issues (11)
Severity | Non-Compliance | Issue | Remediation
Medium | CIS 6.1.1 | SQL database instance can be accessed by the root user from any host. | To ensure secure access, limit root access to SQL instances to allowed IPs only.
Medium | - | SQL database instance is publicly accessible from all IP addresses. | To fulfill HIPAA and PCI DSS requirements on strict access and integrity controls, ensure that all SQL instances are configured to accept connections from trusted networks and IP addresses only.
Medium | HIPAA (Backup) | SQL database instance has no backup run, so it cannot be restored to a recent point. | To fulfill HIPAA requirements on restoring compromised services, ensure that all SQL instances are configured to have automated (scheduled) backups and can be restored to a recent point.
Medium | CIS 6.7 | SQL database instance does not have an automated backup enabled. | Ensure that automated backups are enabled for all SQL database instances.
Medium | - | SQL database instance does not have multi-AZ enabled. | Ensure that all SQL instances are created with a secondary AZ to ensure proper failover.
Medium | CIS 6.4, PCI DSS 4.2, HIPAA (Encryption) | SQL database instance has SSL/TLS disabled. | To fulfill HIPAA and PCI DSS requirements on strong cryptographic and security protocols for transmitting user data, require all incoming connections to your SQL database instances to use SSL/TLS only.
Medium | CIS 6.1.3 | MySQL database instance has "local_infile" flag enabled. | To follow best practices on data security, ensure all your MySQL database instances have the "local_infile" flag disabled.
Medium | - | MySQL database instance has "slow_query_log" flag disabled. | To simplify the task of finding inefficient or time-consuming SQL queries, ensure all your MySQL database instances have the "slow_query_log" flag enabled.
Medium | CIS 6.6 | SQL database instance has public IPs. | To reduce the application's attack surface, ensure your SQL database instances are configured to use private IP addresses instead of public IPs.
Low | - | SQL database instance has its automatic storage increase limit set to zero (no limit for storage growth). | To prevent your SQL instance disk size from growing too large and increasing service costs, ensure your SQL database instances are configured with an optimal automatic storage increase limit.
High | PCI DSS 3.5, HIPAA (Encryption) | SQL database instance is not encrypted using Customer-Managed Keys (CMK). | To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, make sure your SQL database instances are encrypted using CMK.