Login

Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

Rule: RDS Snapshots Should Prohibit Public Access

This rule ensures the prohibition of public access to RDS snapshots for cybersecurity controls.

RuleRDS snapshots should prohibit public access
FrameworkFederal Financial Institutions Examination Council (FFIEC)
Severity
Critical

Rule Description:

RDS snapshots should prohibit public access for Federal Financial Institutions Examination Council (FFIEC). This rule ensures the security and compliance of RDS (Amazon Relational Database Service) snapshots for organizations governed by the Federal Financial Institutions Examination Council (FFIEC). By prohibiting public access to RDS snapshots, sensitive data is protected and prevents unauthorized access or data breaches.

Troubleshooting Steps (if any):

  2. 1.
    Verify if the RDS snapshot has public access enabled.
  4. 2.
    Check if the FFIEC compliance requirements are being met.
  6. 3.
    Identify any potential unauthorized access or data breaches.

Necessary Codes (if applicable):

No specific codes are required for this rule.

Remediation Steps:

Follow the step-by-step guide below to remediate the issue and prohibit public access for FFIEC:

  2. 1.

    Open the AWS Management Console and navigate to the RDS service.

  4. 2.

    Click on "Snapshots" from the left-hand menu.

  6. 3.

    Select the RDS snapshot that needs to be modified.

  8. 4.

    In the snapshot details page, click on the "Actions" button.

  10. 5.

    From the dropdown menu, choose "Modify Snapshot Permissions."

  12. 6.

    In the "Modify Snapshot Permissions" window, check if the snapshot is set to public by default. If it is, uncheck the "Public" option.

  14. 7.

    Specify the appropriate account or IAM role with the necessary access permissions in the "AWS Account IDs" field.

  16. 8.

    Click on the "Add Cross-Account Permissions" button to apply the changes.

  18. 9.

    Once the necessary modifications have been made, review the changes and click on the "Modify Permissions" button.

  20. 10.

    Wait for the changes to be applied. This may take a few moments.

  22. 11.

    Verify that the public access for the RDS snapshot has been successfully revoked.

  24. 12.

    Repeat the steps above for any other RDS snapshots that need to be modified to ensure compliance with FFIEC requirements.

Additional Notes:

  • Regularly audit and monitor RDS snapshots to ensure ongoing compliance with FFIEC regulations.
  • Consider setting up automation or use AWS Config rules to automatically check and enforce the prohibition of public access for RDS snapshots.

Is your System Free of Underlying Vulnerabilities?
Find Out Now