This rule ensures that RDS DB instances have deletion protection enabled to prevent accidental deletion.
Rule | RDS DB instances should have deletion protection enabled |
Framework | NIST 800-53 Revision 5 |
Severity | ✔ Critical |
Rule Description
RDS DB instances should have deletion protection enabled to ensure compliance with NIST 800-53 Revision 5. Deletion protection prevents accidental deletion or termination of RDS instances, preserving critical data and ensuring the availability of the database.
Troubleshooting Steps
If deletion protection is not enabled for an RDS DB instance, follow these troubleshooting steps:
Verify RDS DB instance: Check if deletion protection is not enabled for the RDS DB instance that needs troubleshooting. You can find this information in the AWS Management Console or by using the AWS CLI.
Confirm NIST 800-53 Revision 5 requirement: Ensure that the specific requirement from NIST 800-53 Revision 5 necessitates deletion protection for RDS instances.
Check AWS account permissions: Verify if your AWS account has sufficient permissions to enable deletion protection for RDS DB instances.
Review RDS instance configuration: Examine the RDS instance configuration to identify any misconfigurations or discrepancies that could be preventing deletion protection.
Ensure appropriate data backups: While enabling deletion protection, ensure that proper automated backups are configured to provide data recovery options in case of any unforeseen issues.
Necessary Codes
No specific codes are required for this rule/policy.
Remediation Steps
Follow these steps to enable deletion protection for an RDS DB instance:
AWS Management Console:
AWS CLI:
<db-instance-arn>
with the ARN of the RDS DB instance:
aws rds modify-db-instance --db-instance-identifier <db-instance-arn> --deletion-protection
Conclusion
Enabling deletion protection for RDS DB instances ensures that accidental deletion or termination is prevented, aligning with the requirements of NIST 800-53 Revision 5. Following the troubleshooting steps and remediation guidelines provided in this document will help achieve and maintain compliance.