AWS RDS database instances are using the default ports which may expose them to brute-force and dictionary attacks.
In AWS Console -
In Terraform -
References:
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_RDS_Configuring.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_cluster