Cloud Defense Logo

Products

Solutions

Company

Rule: RDS DB Instance Backup Enabled

Ensure RDS DB instance backup is enabled to maintain data integrity and security.

RuleRDS DB instance backup should be enabled
FrameworkFedRAMP Low Revision 4
Severity
Medium

Rule Description

The rule mandates enabling RDS (Relational Database Service) DB instance backup for FedRAMP (Federal Risk and Authorization Management Program) Low Revision 4 compliance. This is essential to ensure data integrity, protection, and recovery in case of any unforeseen events or disasters.

Troubleshooting Steps

  1. 1.
    Check if the RDS DB instance backup is currently enabled.
  2. 2.
    Review the backup policy settings for the DB instance.
  3. 3.
    Ensure that the backup scheduling and retention periods comply with the FedRAMP Low Revision 4 requirements.

Necessary Code

No specific code is required for this rule. It involves configuration changes within the AWS Management Console or using AWS CLI commands.

Step-by-Step Guide for Remediation

  1. 1.
    Log in to the AWS Management Console.
  2. 2.
    Navigate to the Amazon RDS service.
  3. 3.
    Select the desired RDS DB instance that needs to be configured for backup.
  4. 4.
    Click on the "Configuration" tab to access the configuration settings.
  5. 5.
    Scroll down to the "Backup" section and verify the current backup settings.
  6. 6.
    If backup is already enabled, ensure that the retention period meets the FedRAMP Low requirements (minimum of 14 days).
  7. 7.
    If backup is not enabled, click on the "Modify" button.
  8. 8.
    In the "Modify DB Instance" window, scroll down to the "Backup" section.
  9. 9.
    Enable the "Automatic backups" option.
  10. 10.
    Configure the "Backup retention period" to comply with the FedRAMP Low Revision 4 requirements.
  11. 11.
    Click on the "Apply Immediately" checkbox to apply the changes immediately.
  12. 12.
    Review the other settings on the page and ensure they align with the desired configuration.
  13. 13.
    Click on the "Modify DB Instance" button to save the changes.

Once the changes are applied, the RDS DB instance will have automatic backups enabled with the specified retention period, ensuring compliance with FedRAMP Low Revision 4.

Is your System Free of Underlying Vulnerabilities?
Find Out Now