We have a test AWS RDS PostgreSQL instance sitting inside a VPC on AWS. Its usually exposed to outside world by allowing specific IP address(es) in security group. This has
