Control: 6.1 Ensure that RDS instance requires all incoming connections to use SSL
It is recommended to enforce all incoming connections to SQL database instance to use SSL.
- Logon to RDS Console.
- Select the region where the target instance is located.
- Click the ID of the target instance to enter the Basic Information page.
- In the left-side navigation pane, click
- Click the
- Click the switch next to
- In the Configure SSL dialog box, select the endpoint for which you want to enable SSL encryption and then click
Download CA Certificateto download an SSL certificate.
- The downloaded SSL certificate is a package including the following files:
p7b file:is used to import the CA certificate on Windows OS.
PEM file:is used to import the CA certificate on other systems or for other applications.
JKS file:is a Java truststore certificate file used for importing CA certificate chains in Java programs. The password is apsaradb.
steampipe check alicloud_compliance.control.cis_v100_6_1
This control uses a named query:rds_instance_ssl_enabled