Rule: RDS DB Instance Backup Should Be Enabled
Ensure that RDS DB instance backup is enabled to maintain data security and availability.
| Rule | RDS DB instance backup should be enabled |
| Framework | NIST 800-53 Revision 4 |
| Severity | ✔ Medium |
Rule Description
The rule requires that an Amazon Relational Database Service (RDS) database instance should have automatic backups enabled in accordance with the NIST 800-53 Revision 4 security standard. This ensures that data can be restored in the event of a failure or data loss.
Troubleshooting Steps
If automatic backups are not enabled, follow these troubleshooting steps:
- 1.Ensure you have the necessary IAM permissions to manage RDS backups.
- 2.Verify that the RDS database instance has the automated backup feature enabled.
- 3.Check if the backup retention period is set to an appropriate value to comply with the NIST 800-53 Revision 4 standard.
- 4.Review the database events and error logs for any indications of backup failures.
- 5.Validate the storage capacity available for backups to ensure it is sufficient.
Necessary Codes
There are no specific codes required to enable automatic backups for an RDS instance. The backup feature is available in the AWS Management Console and can be configured through the console or using CLI commands.
Step-by-Step Guide for Remediation
Follow these steps to enable automatic backups for an RDS database instance:
- 1.Log in to the AWS Management Console.
- 2.Navigate to the Amazon RDS service.
- 3.Select the appropriate region.
- 4.Click on "Databases" in the left-hand menu.
- 5.Locate the RDS database instance for which you want to enable automatic backups.
- 6.Click on the instance name to open its details page.
- 7.In the "Backup and restore" tab, find the "Backup" section.
- 8.Ensure that the "Automated backups" option is enabled.
- 9.Set the desired retention period according to the NIST 800-53 Revision 4 standard.
- 10.Click "Apply immediately" to save the changes.
Once automated backups are enabled, the RDS service will start creating automatic backups according to the configured schedule. These backups can be used to restore the database to a specific point in time.
Note: Keep in mind that enabling automated backups may have an additional cost associated with it. Make sure to review the pricing details on the AWS website and consider any cost implications.
Conclusion
Enabling automatic backups for RDS database instances is crucial to comply with the NIST 800-53 Revision 4 security standard. By following the step-by-step guide provided, you can ensure that your RDS instances have the necessary backup functionality enabled, allowing you to protect your data and recover from any unforeseen issues.