Thank you for the feedback.
We originally had this setup as a test, and we were connecting to the db from outside. Once the test scenario became something more permanent we neglected to fix access rights. Currently all access should be from a docker GUI which is run on that AWS instance, so I agree it shouldn’t be available.
As you suggest, we’ve removed the postgres port from the AWS instance inbound rules and hoping this takes care of it . Thanks again – I’m new to AWS and postgres setup so am making mistakes, but learning.
From: Rui DeSousa <rui@crazybean.net>
Date: Monday, November 8, 2021 at 12:33 PM
To: Lynn Carol Johnson <lcj34@cornell.edu>
Cc: "pgsql-admin@lists.postgresql.org" <pgsql-admin@lists.postgresql.org>
Subject: Re: Postgres dying after many failed logins
2021-11-05 14:35:09.197 UTC [1451469] LOG: received smart shutdown request
2021-11-05 14:35:09.222 UTC [1451660] postgres@breedbase FATAL: terminating connection due to administrator command
That does not look like PostgreSQL crashed but is being shutdown by RDS services due to a DOS attack.
1. A firewall should be blocking the incoming rouge traffic to protect the given server; otherwise the system is open to a DOS attack.
2. Why is PostgreSQL accessible on the internet? Normally DB servers are at least 3 deep from the internet and only internal trusted nodes should be connecting to the database.