rds_instance_no_public_access reports incorrect SG

[jmanduca-psfy]

Steps to Reproduce

1. prowler aws -c rds_instance_no_public_access
2. AWS
3. N/A
4. See finding's status_detail

Expected behavior

The status detail should correctly identify the Security Group(s) that contain the rule(s)

Actual Result with Screenshots or Logs

Only one group is in the detail, and it may not be the group that actually has the rule(s). Result may change between runs

How did you install Prowler?

From pip package (pip install prowler)

Environment Resource

ECS/Locally

OS used

Amazon Linux 2/WSL

Prowler version

Prowler 4.5.3 (You are running the latest version, yay!)

Pip version

pip 22.0.2 from /usr/lib/python3/dist-packages/pip (python 3.10)

Context

No changes made between scan runs.
Default SG is attached but has no rules.

[garym-krrv]

Looks like in code the IF Statement will break on the first instance of port=DB PORT (3306) and source=ANY and will not report on any other Security groups. Its either public or its not. I suspect that the check doesnt matter how many SGs allow access from ANY, its the fact the RDS instance is publicly available flags it as a fail.

[pedrooot]

Thanks for the ping! @jmanduca-psfy I'll review your issue with the team.
Thanks @garym-krrv for the insight too, that looks strange 🤔