Rule: RDS Snapshots Should Prohibit Public Access

This rule ensures that RDS snapshots are not publicly accessible, which protects critical data.

Rule: RDS snapshots should prohibit public access
Framework: HIPAA
Severity: Critical

Rule Description:

RDS snapshots should prohibit public access to ensure compliance with the Health Insurance Portability and Accountability Act (HIPAA). HIPAA requires the protection of sensitive health information and mandates that any access to this data should be restricted to authorized individuals or entities.

Troubleshooting Steps (if applicable):

  1. Verify the current access settings for RDS snapshots.
  2. Check if public access is enabled for any RDS snapshots.
  3. Review the associated security groups and network ACLs to identify any potential loopholes or misconfigurations.
  4. Assess the snapshot's encryption status.
  5. Ensure that only authorized users or systems can access the snapshots.

Necessary Code (if applicable):

To restrict public access to RDS snapshots, you can use the AWS Command Line Interface (CLI) or AWS Management Console.

AWS CLI Command:

aws rds modify-db-snapshot-attribute --db-snapshot-identifier <snapshot-identifier> --attribute-name restore --values-to-add <AWS-account-ID>

Replace <snapshot-identifier> with the identifier of the RDS snapshot that needs modification, and <AWS-account-ID> with the AWS account ID of the authorized user or entity.
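
The public state this rule checks for is the value all in a snapshot's restore attribute, which lets any AWS account restore the snapshot. The following Python sketch is an added example, not CloudDefense's or AWS's code: it parses the JSON printed by aws rds describe-db-snapshot-attributes and builds the modify-db-snapshot-attribute command that removes all and any account not on an allow-list. The snapshot identifiers, the account ID and the function names are constructed for illustration.

```python
from __future__ import annotations
import json
import shlex

# Constructed sample: output of
#   aws rds describe-db-snapshot-attributes --db-snapshot-identifier <id>
# for two hypothetical snapshots (identifiers and account ID are made up).
SAMPLE_OUTPUTS = [
    """{"DBSnapshotAttributesResult": {
          "DBSnapshotIdentifier": "example-public-snap",
          "DBSnapshotAttributes": [
            {"AttributeName": "restore", "AttributeValues": ["all", "111122223333"]}]}}""",
    """{"DBSnapshotAttributesResult": {
          "DBSnapshotIdentifier": "example-shared-snap",
          "DBSnapshotAttributes": [
            {"AttributeName": "restore", "AttributeValues": ["111122223333"]}]}}""",
]


def restore_values(cli_json: str) -> tuple[str, list[str]]:
    """Return (snapshot id, values of the 'restore' attribute)."""
    result = json.loads(cli_json)["DBSnapshotAttributesResult"]
    values = []
    for attr in result.get("DBSnapshotAttributes", []):
        if attr.get("AttributeName") == "restore":
            values.extend(attr.get("AttributeValues", []))
    return result["DBSnapshotIdentifier"], values


def audit(cli_json: str, allowed_accounts: set[str]) -> dict:
    """Classify one snapshot and build the CLI command that fixes it."""
    snap_id, values = restore_values(cli_json)
    public = "all" in values  # 'all' means any AWS account may restore
    unexpected = sorted(v for v in values if v != "all" and v not in allowed_accounts)
    to_remove = (["all"] if public else []) + unexpected
    commands = []
    if to_remove:
        commands.append(
            "aws rds modify-db-snapshot-attribute"
            f" --db-snapshot-identifier {shlex.quote(snap_id)}"
            " --attribute-name restore"
            " --values-to-remove " + " ".join(shlex.quote(v) for v in to_remove)
        )
    return {"snapshot": snap_id, "public": public,
            "unexpected_accounts": unexpected, "commands": commands}


if __name__ == "__main__":
    for raw in SAMPLE_OUTPUTS:
        print(audit(raw, allowed_accounts={"111122223333"}))
```

Running the describe command again after applying a generated command confirms that all no longer appears among the restore values.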

AWS Management Console:

  1. Go to the Amazon RDS console.
  2. Select "Snapshots" from the left-hand panel.
  3. Choose the desired snapshot.
  4. Click on "Modify" in the upper-right corner.
  5. Under "Public accessibility," select "False" to disable public access.
  6. Save the changes.

Remediation Steps:

Follow these step-by-step instructions to remediate the RDS snapshot and enforce the prohibition of public access:

  1. Access the AWS Management Console.
  2. Navigate to the Amazon RDS service.
  3. Select "Snapshots" from the left-hand panel.
  4. Identify the RDS snapshot(s) that need modification.
  5. Choose the snapshot that requires public access restriction.
  6. Click on "Modify" in the upper-right corner.
  7. Locate the "Public accessibility" option and set it to "False" to disable public access.
  8. Save the changes.
  9. Double-check that the modification has been applied successfully.

By following these steps, you ensure that RDS snapshots maintain compliance with HIPAA regulations by prohibiting public access.
