This rule ensures that RDS DB instance backup is enabled to maintain data integrity and security.
Rule | RDS DB instance backup should be enabled |
Framework | NIST 800-53 Revision 5 |
Severity | ✔ Medium |
Rule Description:
To comply with NIST 800-53 Revision 5, the backup feature should be enabled for all RDS (Relational Database Service) DB instances. Enabling backups helps to ensure data integrity, availability, and recoverability in case of any issues or failures. This rule ensures that appropriate measures are in place to protect data stored in RDS DB instances.
Troubleshooting Steps:
If backups are not enabled for an RDS DB instance, follow these troubleshooting steps to enable it:
Necessary Codes:
There are no specific codes necessary for this rule, as it involves enabling a feature within the AWS Management Console or using AWS CLI commands.
Step-by-Step Guide for Remediation:
To enable backups for an RDS DB instance, follow these step-by-step instructions:
Note: Enabling backups may have cost implications, as storage is required to store the backup files. Ensure that you have sufficient storage capacity or adjust the retention period accordingly.
CLI Command for Enabling Backups:
If you prefer using the AWS Command Line Interface (CLI), you can enable backups for an RDS DB instance using the following command:
aws rds modify-db-instance --db-instance-identifier <DB Instance Identifier> --backup-retention-period <Retention Period in days> --apply-immediately
Replace
<DB Instance Identifier>
with the actual identifier of your RDS DB instance and <Retention Period in days>
with the desired number of days to retain backups.Summary:
Enabling backups for RDS DB instances ensures compliance with NIST 800-53 Revision 5. Following the provided troubleshooting steps and using either the AWS Management Console or CLI commands, you can easily enable backups and protect the data stored in your RDS infrastructure. Always remember to monitor the status and storage usage of the DB instances after enabling backups.