
Rule: RDS Snapshots Should Prohibit Public Access

This rule ensures RDS snapshots do not allow public access to prevent security risks.

Rule: RDS snapshots should prohibit public access
Framework: NIST 800-53 Revision 4
Severity: Critical

Rule Description:

According to the NIST 800-53 Revision 4 guidelines, it is recommended to prohibit public access to RDS snapshots.

RDS snapshots are point-in-time backups of your Amazon Relational Database Service (RDS) instances, containing all the database contents at that specific moment. Ensuring that the snapshots are not publicly accessible helps in maintaining data confidentiality and preventing unauthorized access.

Troubleshooting Steps:

If public access is allowed for RDS snapshots, it can pose a significant security risk. To troubleshoot this issue, follow these steps:

  1. Identify the RDS snapshots that have public access enabled.
  2. Determine the reason why public access is enabled for these snapshots.
  3. Verify if there are any specific business requirements or applications that necessitate public access to these snapshots.
  4. If public access is not required, proceed with the remediation steps.

Remediation:

To prohibit public access for RDS snapshots, follow these step-by-step instructions:

  1. Identify Relevant RDS Snapshots: Determine the RDS snapshots to which this rule should apply. This could include all existing snapshots or specific snapshots selected by certain criteria.

  2. Modify Snapshot Permissions:

    • Open the Amazon RDS console.
    • Select the specific snapshot or snapshots you want to modify.
    • Choose the Modify Snapshot Permissions option from the Actions dropdown menu.
    • In the Modify Snapshot Permissions dialog box, clear the Public access checkbox.
    • Click Save to apply the changes.

  3. Review and Audit Access Permissions:

    • Regularly review and audit snapshot permissions to ensure they remain secure.
    • Verify that only authorized AWS IAM users or roles have access to the snapshots.
    • Remove any unnecessary access permissions for snapshots.

  4. Automate the Process:

    • Consider using AWS Identity and Access Management (IAM) policies to automate the process of restricting public access to snapshots.
    • IAM policies allow you to define granular permissions for different AWS resources, including RDS snapshots.
    • Create and apply a policy that restricts public access to all future snapshots automatically.
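The console steps above can be scripted for an account with many snapshots. The following is an added example, not Cloud Defense's tooling: it uses the RDS API calls describe_db_snapshots, describe_db_snapshot_attributes and modify_db_snapshot_attribute (a snapshot is public when its "restore" attribute contains the value "all"), and ships with a constructed in-memory stub client so it runs offline; pass boto3.client("rds") instead of the stub to audit a real account.

```python
"""Audit manual RDS snapshots for public restore access and revoke it."""

PUBLIC = "all"  # AWS marks a snapshot public by adding 'all' to its 'restore' attribute


def is_public(attributes_result: dict) -> bool:
    """True if a DBSnapshotAttributesResult grants restore access to 'all'."""
    for attr in attributes_result.get("DBSnapshotAttributes", []):
        if attr.get("AttributeName") == "restore":
            return PUBLIC in attr.get("AttributeValues", [])
    return False


def find_public_snapshots(rds) -> list[str]:
    """Walk every page of manual snapshots and return the public ones."""
    public, marker = [], None
    while True:
        kwargs = {"SnapshotType": "manual"}
        if marker:
            kwargs["Marker"] = marker
        page = rds.describe_db_snapshots(**kwargs)
        for snap in page["DBSnapshots"]:
            sid = snap["DBSnapshotIdentifier"]
            attrs = rds.describe_db_snapshot_attributes(DBSnapshotIdentifier=sid)
            if is_public(attrs["DBSnapshotAttributesResult"]):
                public.append(sid)
        marker = page.get("Marker")
        if not marker:
            return public


def remediate(rds) -> list[str]:
    """Revoke the public 'restore' value on every public snapshot; return what was fixed."""
    fixed = find_public_snapshots(rds)
    for sid in fixed:
        rds.modify_db_snapshot_attribute(DBSnapshotIdentifier=sid,
                                         AttributeName="restore", ValuesToRemove=[PUBLIC])
    return fixed


class StubRds:
    """Constructed stand-in for boto3's RDS client: two snapshots, one shared with 'all'."""
    def __init__(self):
        self.restore = {"prod-backup-2024": ["all"], "dev-backup-2024": ["123456789012"]}
    def describe_db_snapshots(self, **_):
        return {"DBSnapshots": [{"DBSnapshotIdentifier": s} for s in self.restore]}
    def describe_db_snapshot_attributes(self, DBSnapshotIdentifier):
        return {"DBSnapshotAttributesResult": {"DBSnapshotIdentifier": DBSnapshotIdentifier,
                "DBSnapshotAttributes": [{"AttributeName": "restore",
                                          "AttributeValues": list(self.restore[DBSnapshotIdentifier])}]}}
    def modify_db_snapshot_attribute(self, DBSnapshotIdentifier, AttributeName, ValuesToRemove=()):
        self.restore[DBSnapshotIdentifier] = [v for v in self.restore[DBSnapshotIdentifier]
                                              if v not in ValuesToRemove]


if __name__ == "__main__":
    print("revoked public access on:", remediate(StubRds()))
```

Running the audit a second time after remediation should return an empty list; a non-empty result on a schedule is the signal worth alerting on.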

Verification:

To verify that public access has been successfully prohibited for RDS snapshots, follow these steps:

  1. Open the Amazon RDS console.
  2. Locate the snapshots that were modified in the earlier steps.
  3. Check the permissions associated with these snapshots, ensuring that the public access checkbox is not enabled.
  4. Test access to the snapshots using a different AWS IAM user or role to confirm that only authorized entities can access them.

By following these steps, you can successfully prohibit public access for RDS snapshots and align with the NIST 800-53 Revision 4 guidelines for enhanced data security.
