Login

Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

Rule: RDS DB Instance Backup Should Be Enabled

This rule ensures that RDS DB instance backup is enabled to maintain data resilience and availability.

RuleRDS DB instance backup should be enabled
FrameworkFederal Financial Institutions Examination Council (FFIEC)
Severity
Medium

Rule Description

The rule requires that the RDS DB instance backup feature should be enabled for compliance with the Federal Financial Institutions Examination Council (FFIEC) guidelines. This ensures that proper data backup measures are in place to protect sensitive information and facilitate disaster recovery.

Troubleshooting Steps

If the RDS DB instance backup is not enabled, follow these troubleshooting steps:

  2. 1.
    Check the current status of the backup feature for the RDS DB instance.
  4. 2.
    Review the AWS Management Console or use the AWS Command Line Interface (CLI) to determine the backup configuration.
  6. 3.
    Verify that the backup retention period meets the required guidelines set by FFIEC.
  8. 4.
    Ensure that the automatic backup feature is turned on.
  10. 5.
    Confirm that the backups are being stored in an appropriate location with the necessary access controls.

Necessary Code

To enable RDS DB instance backup, use the following AWS CLI command:

aws rds modify-db-instance --db-instance-identifier <DB_INSTANCE_NAME> --backup-retention-period <RETENTION_PERIOD>

Replace 

<DB_INSTANCE_NAME>
with the identifier of your RDS DB instance and 
<RETENTION_PERIOD>
with the desired number of days to retain backups.

Step-by-Step Guide for Remediation

Follow these steps to enable RDS DB instance backup for FFIEC compliance:

  2. 1.
    Log in to the AWS Management Console.
  4. 2.
    Navigate to the Amazon RDS service.
  6. 3.
    Select the region where your RDS DB instance is located.
  8. 4.
    Click on "Databases" in the sidebar.
  10. 5.
    Locate the DB instance that needs backup enabled and click on its name.
  12. 6.
    In the "Actions" dropdown menu, select "Modify".
  14. 7.
    Scroll down to the "Backup" section.
  16. 8.
    Set the desired value for the "Backup retention period" (in days).
  18. 9.
    Ensure that the "Automatic backups" option is selected.
  20. 10.
    Click on "Continue" to proceed.
  22. 11.
    Review the summary of the modifications and click on "Modify DB instance".
  24. 12.
    Wait for the modification to take effect. This may take a few minutes.
  26. 13.
    Verify that the backup feature is enabled by checking the status or using the AWS CLI command mentioned above.

By following these steps, you will enable RDS DB instance backup to comply with FFIEC guidelines. This will help ensure the availability and integrity of your data while facilitating timely recovery in the event of data loss or system failure.

Is your System Free of Underlying Vulnerabilities?
Find Out Now