Notify All Publicly Open AWS RDS Instances Once in a Week

Updated 1 day ago by Totalcloud

Publicly open AWS RDS instances that should not be exposed pose a security threat and can cause havoc if neglected.

There's a template already available in the web app for this use case. This workflow template automatically fetches all open RDS instances and sends an email with the list for your review every week.

The sections below explain how this template works and how you can customize it according to your needs.

How Does This Template Work?

  1. The Trigger node initiates the workflow once every seven days.
  2. The Resource node fetches all RDS DB instances belonging to an AWS account and AWS region.
  3. The Resource node's Add-on feature fetches the Security Group properties of the selected DB instances.
  4. The Filter node looks for security group inbound rules that are open to 0.0.0.0/0.
  5. The Notification node sends an email to the concerned team(s) or stakeholder(s) with the list of all the publicly open RDS instances.
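
The filter logic of steps 2 to 4, as an added Python example (not Totalcloud's own code). It works on dictionaries shaped like the AWS DescribeDBInstances and DescribeSecurityGroups responses, and goes beyond the template by also treating ::/0 as open and by checking that the open rule covers the instance's port. The instance names and sg- identifiers are constructed.

```python
# Added example; every record below is constructed, shaped like the AWS API responses.
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}

def open_rules(group, db_port):
    """Inbound rules of one security group that expose db_port to any address."""
    hits = []
    for perm in group.get("IpPermissions", []):
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        world = sorted(c for c in cidrs if c in OPEN_CIDRS)
        proto = perm.get("IpProtocol")
        lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
        # "-1" means all traffic (no port fields); an unknown db_port is flagged, not skipped
        covers = proto == "-1" or (proto == "tcp" and (db_port is None or lo <= db_port <= hi))
        if world and covers:
            hits.append({"GroupId": group["GroupId"], "Cidrs": world})
    return hits

def find_open_instances(db_instances, security_groups):
    """Join each instance to its security groups; keep those with a world-open rule."""
    by_id = {g["GroupId"]: g for g in security_groups}
    report = []
    for db in db_instances:
        port = (db.get("Endpoint") or {}).get("Port")  # absent while an instance is creating
        rules = []
        for ref in db.get("VpcSecurityGroups", []):
            rules += open_rules(by_id.get(ref["VpcSecurityGroupId"], {}), port)
        if rules:
            report.append({"DBInstanceIdentifier": db["DBInstanceIdentifier"],
                           "DBName": db.get("DBName"), "OpenRules": rules})
    return report

SAMPLE_DBS = [  # constructed
    {"DBInstanceIdentifier": "orders-db", "DBName": "orders", "Endpoint": {"Port": 3306},
     "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-open"}]},
    {"DBInstanceIdentifier": "hr-db", "DBName": "hr", "Endpoint": {"Port": 5432},
     "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-web"}]},
    {"DBInstanceIdentifier": "bi-db", "DBName": "bi", "Endpoint": {"Port": 5432},
     "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-all"}]},
]
SAMPLE_SGS = [  # constructed
    {"GroupId": "sg-open", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 3306,
     "ToPort": 3306, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-web", "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 443,
     "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-all", "IpPermissions": [{"IpProtocol": "-1",
     "IpRanges": [{"CidrIp": "10.0.0.0/8"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]
if __name__ == "__main__":
    print(find_open_instances(SAMPLE_DBS, SAMPLE_SGS))
```

With live data, the two inputs would be the DBInstances and SecurityGroups lists returned by those two API calls for the same account and region.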

Steps to Customize this Template

  1. Open the template
  2. Click on the 'Edit' option in the Trigger node to access the parameters input window. Add or modify the following details as per your requirement:
    1. Retain the 'Recurrent' selection and 'Every Seven Days' selection. If you wish to start the workflow every morning, select 'Schedule' and select all the days of the week.
    2. Click on 'Save'
  3. Click on the 'Edit' option in the Resource node to access the parameters input window. Add or modify the following details as per your requirement:
    1. Retain the AWS Service name 'RDS' entry.
    2. Retain the AWS Resource name 'DB Instances' entry.
    3. Retain the 'Security Groups' selection in the 'Add-ons' entry.
    4. To pass only specific DB instances, replace the VALUE placeholders in the Advanced Filters script as shown below.

      {
        /*---------- optional params ----------*/

        /*
         * (Use the keyword MAP in place of a value to autofill it from previous data)
         */

        "DBInstanceIdentifier": "VALUE",
        "Filters": [
          "VALUE",
          "VALUE"
        ],
        "MaxRecords": [
          "VALUE",
          "VALUE"
        ]
      }

    5. Click on 'Save'
  4. Click on the 'Edit' option in the Filter node to access the parameters input window. Add or modify the following details as per your requirement:
    1. For 'Resource to perform action on', select the Resource node that precedes this node.
    2. Retain the Security Group filter selection and all the rules. To fine-tune the filtering further, add more conditions.
    3. Click on 'Save'
  5. Click on the 'Edit' option in the Report node to access the parameters input window. Add or modify the following details as per your requirement:
    1. For 'Resource to perform action on', select the Filter node that precedes this node.
    2. Retain Passthrough
    3. Retain DBName and DBInstanceIdentifier selections.
  6. Click on the Save icon
  7. Click on the Run icon

