Neptune Cluster With IAM Database Authentication Disabled
- Query id: a3aa0087-8228-4e7e-b202-dc9036972d02
- Query name: Neptune Cluster With IAM Database Authentication Disabled
- Platform: CloudFormation
- Severity: High
- Category: Access Control
- CWE: 285
- URL: Github
Description
Neptune Cluster should have IAM Database Authentication enabled
Documentation
Code samples
Code samples with security vulnerabilities
Positive test num. 1 - yaml file
AWSTemplateFormatVersion: 2010-09-09
Description: A sample template
Resources:
  NeptuneDBCluster:
    Type: AWS::Neptune::DBCluster
    Properties:
      IamAuthEnabled: false
      StorageEncrypted: true
  NeptuneDBCluster2:
    Type: AWS::Neptune::DBCluster
    Properties:
      IamAuthEnabled: false
      StorageEncrypted: true
Positive test num. 2 - json file
{
  "AWSTemplateFormatVersion": "2010-09-09T00:00:00Z",
  "Description": "A sample template",
  "Resources": {
    "NeptuneDBCluster": {
      "Type": "AWS::Neptune::DBCluster",
      "Properties": {
        "IamAuthEnabled": false,
        "StorageEncrypted": true
      }
    },
    "NeptuneDBCluster2": {
      "Type": "AWS::Neptune::DBCluster",
      "Properties": {
        "IamAuthEnabled": false,
        "StorageEncrypted": true
      }
    }
  }
}
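The check this query describes, as an added Python example over a JSON template (not the query's own code and not part of the original page). It goes beyond the two samples above: the function names, the constructed template, and the choices to report an omitted `IamAuthEnabled` as disabled and an intrinsic-function value as unresolved are assumptions of this example.

```python
import json

NEPTUNE_CLUSTER = "AWS::Neptune::DBCluster"

def iam_auth_state(value):
    """Classify an IamAuthEnabled value: 'enabled', 'disabled' or 'unresolved'."""
    if value is None:
        return "disabled"  # assumption: an omitted property leaves IAM auth off
    if isinstance(value, bool):
        return "enabled" if value else "disabled"
    if isinstance(value, str) and value.strip().lower() in ("true", "false"):
        return "enabled" if value.strip().lower() == "true" else "disabled"
    return "unresolved"  # e.g. {"Ref": ...}: depends on a value not in the template

def find_neptune_without_iam_auth(template_text):
    """Return sorted (logical_id, state) for clusters not provably IAM-enabled."""
    template = json.loads(template_text)
    findings = []
    for logical_id, resource in (template.get("Resources") or {}).items():
        if not isinstance(resource, dict) or resource.get("Type") != NEPTUNE_CLUSTER:
            continue
        props = resource.get("Properties") or {}
        state = iam_auth_state(props.get("IamAuthEnabled"))
        if state != "enabled":
            findings.append((logical_id, state))
    return sorted(findings)

# Constructed sample template (hypothetical logical IDs), embedded so this runs offline.
SAMPLE_TEMPLATE = """
{
  "Resources": {
    "ClusterOff":     {"Type": "AWS::Neptune::DBCluster",
                       "Properties": {"IamAuthEnabled": false}},
    "ClusterOn":      {"Type": "AWS::Neptune::DBCluster",
                       "Properties": {"IamAuthEnabled": true}},
    "ClusterDefault": {"Type": "AWS::Neptune::DBCluster",
                       "Properties": {"StorageEncrypted": true}},
    "ClusterStr":     {"Type": "AWS::Neptune::DBCluster",
                       "Properties": {"IamAuthEnabled": "false"}},
    "ClusterParam":   {"Type": "AWS::Neptune::DBCluster",
                       "Properties": {"IamAuthEnabled": {"Ref": "EnableIam"}}},
    "Bucket":         {"Type": "AWS::S3::Bucket"}
  }
}
"""

if __name__ == "__main__":
    for logical_id, state in find_neptune_without_iam_auth(SAMPLE_TEMPLATE):
        print(f"{logical_id}: IamAuthEnabled is {state}")
```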