The AWS RDS service does not enable secure transport layer security by default, allowing clients to connect insecurely.
Additionally, for the more commonly used MySQL and MariaDB RDS engine types, this setting cannot be enabled at all.
For databases other than MySQL and MariaDB, modify the require_secure_transport or rds.force_ssl
values of the attached DB cluster parameter group. For MySQL and MariaDB there is no known workaround,
other than ensuring clients connect to these database types only within the VPC. In general, ensure that
RDS database instances without SSL/TLS enabled are not exposed over public networks.