Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

RDS DB Instance Backup Should Be Enabled Rule

This rule ensures that RDS DB instance backup is enabled for data protection.

RuleRDS DB instance backup should be enabled
FrameworkNIST 800-171 Revision 2
Severity
Medium

Rule Description

The rule requires that the backup function is enabled for Amazon RDS database instances to comply with the NIST 800-171 Revision 2 security guidelines. This policy ensures the availability and integrity of data in case of errors, accidental deletions, or system failures.

Troubleshooting Steps

If you encounter any issues with enabling the backup for RDS DB instances, follow the troubleshooting steps below:

  1. 1.

    Issue: Backup option is not available for the RDS DB instance.

    • Resolution: Ensure that you have the necessary permissions to modify the RDS instance settings. Verify that the instance is running and not undergoing any maintenance activities.
  2. 2.

    Issue: Backup fails or encounters errors.

    • Resolution: Check your available storage space for backups. If it is insufficient, free up space by deleting old backups or increasing the allocated storage. Verify the connectivity and accessibility of the backup storage location.

Necessary Codes

No additional codes are required for this specific rule/policy.

Steps for Remediation

Follow the steps below to enable RDS DB instance backup:

  1. 1.
    Step 1: Log in to the AWS Management Console.
  2. 2.
    Step 2: Navigate to the Amazon RDS service.
  3. 3.
    Step 3: From the left-hand navigation pane, select "Databases."
  4. 4.
    Step 4: Choose the RDS DB instance for which you want to enable backup.
  5. 5.
    Step 5: Click on "Modify" to modify the instance settings.
  6. 6.
    Step 6: Scroll down to the "Backup" section.
  7. 7.
    Step 7: Ensure that the "Backup retention period" is set to an appropriate value (e.g., 7 days).
  8. 8.
    Step 8: Verify that the "Backup window" is set to a time that is suitable for your business requirements.
  9. 9.
    Step 9: Tick the checkbox to enable "Automated backups."
  10. 10.
    Step 10: Click on "Continue" and review the summary of the proposed changes.
  11. 11.
    Step 11: Finally, click on "Modify DB instance" to save the changes.

Verification

To ensure that the RDS DB instance backup is successfully enabled, follow the steps below:

  1. 1.
    Step 1: Log in to the AWS Management Console.
  2. 2.
    Step 2: Navigate to the Amazon RDS service.
  3. 3.
    Step 3: From the left-hand navigation pane, select "Databases."
  4. 4.
    Step 4: Choose the previously modified RDS DB instance.
  5. 5.
    Step 5: Verify that the "Backup retention period" is set as expected.
  6. 6.
    Step 6: Confirm that the "Backup window" is set to the desired time.
  7. 7.
    Step 7: Check that the "Automated backups" option is enabled.

By following these steps, you have successfully enabled the RDS DB instance backup for compliance with the NIST 800-171 Revision 2 security guideline.

Is your System Free of Underlying Vulnerabilities?
Find Out Now