Rule: RDS DB Instance and Cluster Enhanced Monitoring Should Be Enabled

This rule ensures that RDS DB instance and cluster enhanced monitoring is enabled for improved security and monitoring.

Rule: RDS DB instance and cluster enhanced monitoring should be enabled
Framework: NIST 800-53 Revision 5
Severity: High

Title: Enable Enhanced Monitoring for RDS DB Instances and Clusters to Comply with NIST 800-53 Revision 5

Description: According to NIST 800-53 Revision 5, it is recommended to enable enhanced monitoring for RDS DB instances and clusters. Enhanced monitoring provides additional insights into the performance and resource utilization of your RDS environment. By enabling this feature, you can collect and analyze metrics that aid in troubleshooting, performance optimization, and capacity planning.

Troubleshooting Steps: The process of enabling enhanced monitoring for RDS DB instances and clusters is straightforward. However, if you encounter any issues during the configuration, please follow these troubleshooting steps:

  1. Verify IAM Permissions: Ensure that the IAM role associated with your RDS DB instances and clusters has the necessary permissions to enable enhanced monitoring. If you encounter permission errors, adjust the IAM policies accordingly.

  2. Check Compatibility: Confirm that the RDS DB engine and version you are using supports enhanced monitoring. Some older versions may not have this feature available. If so, consider upgrading your RDS engine to a compatible version.

  3. Review Security Groups: Ensure that the necessary inbound and outbound rules are configured in the security groups associated with your RDS instances to allow communication with the enhanced monitoring service. Check for any misconfigured rules that might be blocking the required traffic.

  4. Log and Error Analysis: If you are experiencing issues related to enabling enhanced monitoring, review the AWS CloudWatch Logs and error messages for further insights. These logs can provide detailed information about any failures or exceptions encountered during the process.

  5. Contact AWS Support: If the above steps do not resolve the issue, reach out to AWS Support for further assistance. Provide them with the relevant error messages and any troubleshooting steps you have already taken.

Necessary Code: No specific code is required to enable enhanced monitoring for RDS DB instances and clusters. The configuration can be done entirely through the AWS Management Console or through AWS CLI commands, if preferred.

Step-by-Step Guide to Enable Enhanced Monitoring using AWS Management Console:

  1. Sign in to the AWS Management Console.
  2. Navigate to the Amazon RDS service.
  3. Select the appropriate region where your RDS DB instances/clusters are located.
  4. In the left-hand menu, click on "Databases" to view your DB instances or "Clusters" to view your DB clusters.
  5. Choose the specific DB instance/cluster for which you want to enable enhanced monitoring.
  6. In the "Instance Actions" or "Cluster Actions" dropdown menu, select "Modify."
  7. Expand the "Monitoring and Enhanced Monitoring" section.
  8. Enable the checkbox for "Enhanced monitoring" and select the desired granularity (e.g., 1-second resolution, 5-second resolution).
  9. Scroll down and click "Continue" to proceed with the modification.
  10. Review the summary of changes and click "Modify DB instance/cluster" to apply the changes.
  11. Wait for the modification to complete. The enhanced monitoring feature will be enabled for the selected DB instance/cluster.

Please note that it can take a few minutes for the enhanced monitoring data to start populating in the CloudWatch console.
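For the AWS CLI route mentioned above, the following added example (not code from this page or from the rule's vendor) audits the JSON returned by `aws rds describe-db-instances` and emits a remediation command for each DB instance that lacks enhanced monitoring. It covers DB instances only; the sample data, the function name, and the `<MONITORING_ROLE_ARN>` placeholder are assumptions.

```python
import json
import shlex

# Constructed sample, shaped like `aws rds describe-db-instances` output.
SAMPLE = json.loads("""
{"DBInstances": [
  {"DBInstanceIdentifier": "orders-prod", "Engine": "postgres",
   "MonitoringInterval": 60,
   "MonitoringRoleArn": "arn:aws:iam::111122223333:role/rds-monitoring-role"},
  {"DBInstanceIdentifier": "billing-prod", "Engine": "mysql",
   "MonitoringInterval": 0},
  {"DBInstanceIdentifier": "legacy-reports", "Engine": "mariadb"}
]}
""")

# Collection intervals (seconds) the RDS API accepts; 0 means disabled.
ENABLED_INTERVALS = {1, 5, 10, 15, 30, 60}


def audit_enhanced_monitoring(describe_output, role_arn="<MONITORING_ROLE_ARN>",
                              interval=60):
    """Return one finding per DB instance without enhanced monitoring."""
    if interval not in ENABLED_INTERVALS:
        raise ValueError(f"unsupported monitoring interval: {interval}")
    findings = []
    for db in describe_output.get("DBInstances", []):
        current = db.get("MonitoringInterval") or 0
        has_role = bool(db.get("MonitoringRoleArn"))
        # A non-zero interval needs a monitoring role, so both must be present.
        if current in ENABLED_INTERVALS and has_role:
            continue
        ident = db["DBInstanceIdentifier"]
        findings.append({
            "instance": ident,
            "interval": current,
            "has_role": has_role,
            # Remediation via the AWS CLI; the role ARN is a placeholder.
            "fix": "aws rds modify-db-instance"
                   f" --db-instance-identifier {shlex.quote(ident)}"
                   f" --monitoring-interval {interval}"
                   f" --monitoring-role-arn {shlex.quote(role_arn)}",
        })
    return findings


if __name__ == "__main__":
    for f in audit_enhanced_monitoring(SAMPLE):
        print(f"FAIL {f['instance']}: interval={f['interval']}\n  {f['fix']}")
```

Feed it real data by saving the output of `aws rds describe-db-instances --output json` and loading it in place of `SAMPLE`.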

Conclusion: By following the above steps, you can easily enable enhanced monitoring for your RDS DB instances and clusters, ensuring compliance with NIST 800-53 Revision 5. This feature provides valuable insights for monitoring and managing your RDS environment's performance and resource utilization.
