Rule: RDS DB Instance Backup Should Be Enabled

This rule ensures that RDS DB instance backup is enabled to maintain data security and integrity.

Rule: RDS DB instance backup should be enabled
Framework: NIST 800-53 Revision 5
Severity: Medium

Rule Description:

This rule states that the backup feature of the RDS DB instance should be enabled in accordance with NIST 800-53 Revision 5. Enabling backups ensures data availability and recoverability in case of any accidental deletion, corruption, or system failure. NIST 800-53 Revision 5 is a set of security controls and guidelines provided by the National Institute of Standards and Technology (NIST) to protect and secure federal information systems.

Troubleshooting Steps:

  1. Check if the RDS DB instance has an automated backup enabled.

  2. Verify if the backup retention period is set to an appropriate value.

  3. Ensure that the backup window is scheduled to avoid conflicting with critical operations.
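
The three checks above, applied to JSON shaped like the output of `aws rds describe-db-instances`, as an added example that is not CloudDefense's own code. The sample response is constructed, and the 7-day minimum and critical-operations window are assumptions to replace with your own policy; RDS reports disabled automated backups as a `BackupRetentionPeriod` of 0, and `PreferredBackupWindow` is in UTC.

```python
import json

# Constructed sample shaped like `aws rds describe-db-instances` output (not real data).
SAMPLE = json.loads("""
{"DBInstances": [
  {"DBInstanceIdentifier": "orders-db", "BackupRetentionPeriod": 0, "PreferredBackupWindow": "03:00-03:30"},
  {"DBInstanceIdentifier": "billing-db", "BackupRetentionPeriod": 3, "PreferredBackupWindow": "23:45-00:15"},
  {"DBInstanceIdentifier": "reports-db", "BackupRetentionPeriod": 14, "PreferredBackupWindow": "04:00-04:30"}
]}
""")

MIN_RETENTION_DAYS = 7           # assumption: take this from your own retention policy
CRITICAL_WINDOW = "00:00-01:00"  # assumption: UTC period of critical operations


def window_minutes(window):
    """Return the minutes-of-day covered by 'HH:MM-HH:MM', handling midnight wrap."""
    start, end = (int(t[:2]) * 60 + int(t[3:]) for t in window.split("-"))
    if end <= start:  # window crosses midnight
        end += 1440
    return {m % 1440 for m in range(start, end)}


def audit(response, min_days=MIN_RETENTION_DAYS, critical=CRITICAL_WINDOW):
    """Return {instance_id: [findings]} for the three troubleshooting checks."""
    findings = {}
    busy = window_minutes(critical)
    for db in response.get("DBInstances", []):
        issues = []
        days = db.get("BackupRetentionPeriod", 0)
        if days == 0:
            # Check 1: a retention period of 0 means automated backups are off.
            issues.append("automated backups disabled")
        else:
            # Check 2: retention shorter than the policy minimum.
            if days < min_days:
                issues.append(f"retention {days}d below {min_days}d")
            # Check 3: backup window overlapping critical operations.
            window = db.get("PreferredBackupWindow")
            if window and window_minutes(window) & busy:
                issues.append(f"backup window {window} overlaps {critical}")
        if issues:
            findings[db["DBInstanceIdentifier"]] = issues
    return findings


if __name__ == "__main__":
    for name, issues in audit(SAMPLE).items():
        print(name, "->", "; ".join(issues))
```
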

Remediation:

Step 1: Enable Automated Backups

Enabling automated backups ensures that regular backups of your RDS DB instance are performed automatically.

  1. Open the AWS Management Console and navigate to the Amazon RDS service.

  2. Select the desired RDS DB instance.

  3. Click on the "Modify" button in the top navigation bar.

  4. Scroll down to the "Backup" section.

  5. Check the "Enable automated backups" option.

  6. Set the desired "Backup retention period" which aligns with the NIST 800-53 Revision 5 guidelines.

  7. Click on the "Continue" button.

  8. Review the changes and click on the "Modify DB Instance" button to apply the changes.

Step 2: Verify Backup Retention Period

Ensure that the backup retention period is set to an appropriate value based on your organizational requirements and compliance with NIST 800-53 Revision 5.

  1. Open the AWS Management Console and navigate to the Amazon RDS service.

  2. Select the desired RDS DB instance.

  3. Scroll down to the "Backup" section.

  4. Check if the "Backup retention period" is set to the desired value.

Step 3: Schedule Backup Window

Configure the backup window to ensure it does not conflict with critical operations.

  1. Open the AWS Management Console and navigate to the Amazon RDS service.

  2. Select the desired RDS DB instance.

  3. Scroll down to the "Backup" section.

  4. Set the preferred backup window timing to a time when there are minimal database activities.

  5. Click on the "Apply Immediately" button to save the changes.

Additional Notes:

It is recommended to periodically test the restore functionality of the backups to ensure the data can be successfully recovered when needed. Regularly review and update the backup retention policy as per your organization's data protection and regulatory requirements. Ensure that backup-related processes and procedures are documented and communicated to the relevant stakeholders to maintain compliance with NIST 800-53 Revision 5.
