Critical DMS Regional

Database Migration Service replication instances should not be public

PCI DSS, NIST, ISO 27001

Description

Checks whether AWS DMS replication instances are public. It examines the value of the PubliclyAccessible field. A private replication instance should have a private IP address and not be accessible outside of the replication network.
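
An added example, not part of the original check or any vendor's code, showing one way to evaluate the PubliclyAccessible field over DescribeReplicationInstances output. The sample response, account ID, ARNs and IP addresses are constructed, the PASS/FAIL/UNKNOWN labels are an assumption of this example, and scan_region assumes boto3 and the dms:DescribeReplicationInstances permission.

```python
import json

# Constructed sample shaped like a DMS DescribeReplicationInstances response.
SAMPLE_RESPONSE = json.loads("""
{"ReplicationInstances": [
  {"ReplicationInstanceIdentifier": "example-private",
   "ReplicationInstanceArn": "arn:aws:dms:us-east-1:111122223333:rep:EXAMPLEPRIVATE",
   "PubliclyAccessible": false,
   "ReplicationInstancePrivateIpAddresses": ["10.0.1.15"]},
  {"ReplicationInstanceIdentifier": "example-public",
   "ReplicationInstanceArn": "arn:aws:dms:us-east-1:111122223333:rep:EXAMPLEPUBLIC",
   "PubliclyAccessible": true,
   "ReplicationInstancePublicIpAddresses": ["203.0.113.10"],
   "ReplicationInstancePrivateIpAddresses": ["10.0.1.16"]},
  {"ReplicationInstanceIdentifier": "example-unknown",
   "ReplicationInstanceArn": "arn:aws:dms:us-east-1:111122223333:rep:EXAMPLEUNKNOWN"}
]}
""")


def evaluate(response):
    """Return one finding per instance: PASS, FAIL, or UNKNOWN (field missing)."""
    findings = []
    for inst in response.get("ReplicationInstances", []):
        public = inst.get("PubliclyAccessible")
        if public is True:
            status = "FAIL"
        elif public is False:
            status = "PASS"
        else:
            status = "UNKNOWN"  # do not treat an absent field as private
        findings.append({
            "id": inst.get("ReplicationInstanceIdentifier"),
            "arn": inst.get("ReplicationInstanceArn"),
            "status": status,
            "public_ips": [ip for ip in inst.get("ReplicationInstancePublicIpAddresses", []) if ip],
        })
    return findings


def scan_region(region):
    """Live variant: requires boto3 and dms:DescribeReplicationInstances."""
    import boto3  # imported here so the offline sample runs without it
    client = boto3.client("dms", region_name=region)
    findings = []
    for page in client.get_paginator("describe_replication_instances").paginate():
        findings.extend(evaluate(page))
    return findings
```

Because the check is regional, scan_region has to be run once for each region in use.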


Remediation

To ensure DMS replication instances are not public, avoid selecting the 'Publicly accessible' option when creating or modifying instances. If an instance is public, delete it and recreate it with the correct settings.

Steps

  1. Open the AWS DMS console.
  2. Select the replication instance.
  3. Verify that the 'Publicly accessible' setting is false, or modify it to false.
  4. If necessary, delete and recreate the instance with the correct setting.

Compliance

PCI DSS, NIST, ISO 27001