Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

Ensuring Rule Compliance: RDS DB Instance Backup Enabled

Check if RDS DB instance backup is enabled to adhere to the benchmark.

RuleRDS DB instance backup should be enabled
FrameworkNIST 800-53 Revision 5
Severity
Medium

Rule Description

The rule states that the backup functionality should be enabled for the Amazon RDS (Relational Database Service) DB instance, in compliance with NIST (National Institute of Standards and Technology) 800-53 Revision 5 security standards. Regularly backing up the DB instance helps in maintaining data availability and integrity, and aids in recovery during unexpected events such as accidental data deletion, system failures, or security incidents.

Troubleshooting Steps (if applicable)

If the backup functionality is not enabled for the RDS DB instance, you may encounter the following issues:

  1. 1.
    Inability to restore data: Without backups, it may be impossible to restore data in case of accidental data loss or corruption.
  2. 2.
    Compliance violations: Failure to enable backup for RDS instances violates NIST 800-53 security standards.
  3. 3.
    Data loss risk: Lack of backups increases the risk of permanent data loss during unforeseen events or system failures.

Solution

To comply with the rule and ensure that backups are enabled for the RDS DB instance, follow the step-by-step guide below:

Step 1: Identify the RDS DB instance

Identify the RDS DB instance for which you need to enable the backup functionality.

Step 2: Access the Amazon RDS console

  1. 1.
    Open the Amazon RDS console by navigating to the AWS Management Console (https://console.aws.amazon.com/rds/).
  2. 2.
    Ensure that you have the necessary permissions to access and modify RDS resources.

Step 3: Enable automated backups

  1. 1.
    In the RDS console, select the region where your DB instance resides from the top-right corner.
  2. 2.
    Click on "Databases" from the left navigation pane.
  3. 3.
    Select the desired DB instance from the list.
  4. 4.
    In the "Actions" dropdown menu, choose "Modify".
  5. 5.
    In the "Backup" section, select "Enable automatic backups".
  6. 6.
    Adjust the "Backup retention period" as per your requirement. The retention period defines how long the automated backups are retained. (Note: Compliance requirements might dictate a specific retention period.)
  7. 7.
    Click on "Apply immediately" to enable the changes immediately, or you can choose to schedule the modifications for a later time.

Step 4: Enable DB instance backups for RDS Aurora (if applicable)

If you are using Amazon Aurora, follow the additional steps below:

  1. 1.
    In the RDS console, select the region where your DB instance resides from the top-right corner.
  2. 2.
    Click on "Snapshots" from the left navigation pane.
  3. 3.
    Select the desired DB instance from the list.
  4. 4.
    In the "Actions" dropdown menu, choose "Modify".
  5. 5.
    In the "Backup" section, select "Enable backups".
  6. 6.
    Adjust the "Backup retention period" as per your requirement.
  7. 7.
    Click on "Apply immediately" to enable the changes immediately, or you can choose to schedule the modifications for a later time.

Verification

To verify that the backup functionality is enabled for the RDS DB instance:

  1. 1.
    In the RDS console, navigate to the region where your DB instance resides from the top-right corner.
  2. 2.
    Click on "Databases" from the left navigation pane.
  3. 3.
    Select the desired DB instance from the list.
  4. 4.
    Check the "Backup" section, and ensure that the automatic backups are enabled and the retention period is set correctly.
  5. 5.
    If using Amazon Aurora, also verify the backup settings in the "Snapshots" section.

By following these steps, you will ensure that the backup functionality is enabled for the RDS DB instance, aligning with the NIST 800-53 Revision 5 security standards.

Is your System Free of Underlying Vulnerabilities?
Find Out Now