RDS DB Instances in Backup Plan Rule

This rule ensures all RDS DB instances are included in a backup plan for data security and recovery purposes.

Rule	RDS DB instances should be in a backup plan
Framework	CISA-cyber-essentials
Severity	✔ High

Rule Description: RDS DB instances should be included in a backup plan for CISA Cyber Essentials.

Rule Explanation:

To comply with CISA Cyber Essentials, it is essential to have a backup plan that includes RDS DB instances. This ensures that in the event of data loss or corruption, the necessary measures are in place to restore the databases to a previous state.

Troubleshooting Steps:

1.

Verify Backup Configuration: Check if the RDS DB instance has a backup plan configured.

2.

Check Backup Frequency: Ensure that backups are scheduled at appropriate intervals. Regular backups are crucial for minimizing data loss.

3.

Confirm Backup Retention Period: Ensure that the backup retention period is set to an appropriate value for your business needs. The retention period determines how long the backups are retained and available for restoration.

Necessary Code:

N/A

Step-by-Step Guide for Remediation:

1.

Login to the AWS Management Console.

2.

Go to the Amazon RDS service.

3.

In the left navigation pane, click on "Databases".

4.

Select the RDS DB instance that needs to be included in the backup plan.

5.

In the "Backup" tab, verify if automatic backups are enabled. If not, enable them by clicking on "Modify" and enabling the "Backup retention period" option.

6.

Set an appropriate backup retention period. Consider your business needs and compliance requirements when choosing the retention period.

7.

Verify the backup frequency by checking the "Backup window" settings. Ensure that backups are scheduled at regular intervals that align with your business requirements.

8.

Save the changes and exit the console.

Additional Considerations:

1.

Monitor backup status: Regularly check the backup status of RDS DB instances to ensure that backups are being successfully performed.

2.

Test backup restoration: Periodically perform a test restoration of a backup to ensure that the process works correctly. This will help you verify the integrity of your backups and validate the recovery process.

3.

Use automated backup features: Consider utilizing automated backup features provided by AWS, such as Amazon RDS snapshots or enabling automated backups with the AWS Backup service. These features can simplify the backup process and improve reliability.

Note: This guide assumes you have the necessary permissions to configure backup settings for RDS DB instances.

RDS DB Instances in Backup Plan Rule

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Rule Explanation:

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Troubleshooting Steps:

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Necessary Code:

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Step-by-Step Guide for Remediation:

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Additional Considerations:

Is your System Free of Underlying Vulnerabilities? Find Out Now

Rule Explanation:

Troubleshooting Steps:

Necessary Code:

Step-by-Step Guide for Remediation:

Additional Considerations:

Is your System Free of Underlying Vulnerabilities?
Find Out Now