Rule: RDS DB Instance and Cluster Enhanced Monitoring Should Be Enabled

This rule ensures that enhanced monitoring is enabled for RDS DB instances and clusters to enhance performance.

Rule: RDS DB instance and cluster enhanced monitoring should be enabled
Framework: NIST Cybersecurity Framework (CSF) v1.1
Severity: High

Rule Description

RDS DB instance and cluster enhanced monitoring should be enabled for NIST Cybersecurity Framework (CSF) v1.

The NIST Cybersecurity Framework (CSF) provides a set of guidelines and best practices for organizations to manage and improve their cybersecurity risk management programs. One of the key components for effective cybersecurity is monitoring and visibility into the systems and networks.

To comply with the NIST CSF v1 framework, it is recommended to enable enhanced monitoring for Amazon RDS DB instances and clusters. Enhanced monitoring provides detailed insights into the performance metrics of the RDS instances, including CPU utilization, memory usage, disk I/O, and network traffic. By enabling enhanced monitoring, organizations can gain better visibility into their database instances and identify any potential security or performance issues.

Troubleshooting Steps

If enhanced monitoring is not enabled for RDS instances, follow these troubleshooting steps:

  1. Verify if the enhanced monitoring option is available for your RDS instance or cluster by checking the Amazon RDS documentation.

  2. Ensure that you have sufficient permissions to enable enhanced monitoring. The IAM user or role associated with your AWS account should have the necessary permissions to modify the RDS instance settings.

  3. Check if the RDS instance or cluster is in a compatible region. Enhanced monitoring may not be available in all AWS regions. Refer to the AWS Regional Services List to confirm if your region supports enhanced monitoring.

  4. Ensure that the RDS instance or cluster has the necessary resources to enable enhanced monitoring. Make sure that there is enough storage space available for the enhanced monitoring data.

  5. If you are experiencing any issues while enabling enhanced monitoring, check the AWS CloudTrail logs for any error messages or tracebacks. This can provide valuable information about the underlying problem.

Necessary Code

No specific code is required to enable RDS enhanced monitoring; it is a configuration setting that can be changed in the AWS Management Console or with AWS CLI commands.

Step-by-Step Guide for Remediation

To enable enhanced monitoring for RDS DB instances and clusters, follow these steps:

  1. Open the AWS Management Console and navigate to the Amazon RDS service.

  2. Select the desired RDS DB instance or cluster for which you want to enable enhanced monitoring.

  3. Click on the "Modify" button to modify the settings of the selected RDS instance or cluster.

  4. In the "Enhanced Monitoring" section, enable the Enhanced Monitoring checkbox.

  5. Select the desired monitoring interval, which determines how frequently the enhanced monitoring data will be collected.

  6. Choose the desired role from the "Enhanced Monitoring Role" dropdown. If you don't have an existing role, you can create a new one with the necessary permissions.

  7. Click on the "Apply Immediately" button to apply the changes to the RDS instance or cluster.

  8. The enhanced monitoring will be enabled for the selected RDS instance or cluster. You can now view and analyze the enhanced monitoring metrics from the Amazon CloudWatch console.

Note: Enabling enhanced monitoring may incur additional costs for the storage and data transfer associated with the monitoring data. Make sure to review the AWS Pricing documentation for the latest pricing details.
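
The rule can also be checked offline from the JSON that `aws rds describe-db-instances` returns, where a `MonitoringInterval` of 0 (or a missing field) means enhanced monitoring is off. The sketch below is an added example, not code from this page or from AWS: the sample JSON is constructed, the role ARN and account ID are placeholders, and the function names `audit` and `remediation_command` are hypothetical. It flags non-compliant instances and builds the `modify-db-instance` command that matches the console steps above.

```python
import json
import shlex

# Constructed sample shaped like `aws rds describe-db-instances` output (not real data).
SAMPLE = json.loads("""
{"DBInstances": [
  {"DBInstanceIdentifier": "orders-db", "MonitoringInterval": 60,
   "MonitoringRoleArn": "arn:aws:iam::111122223333:role/example-rds-monitoring"},
  {"DBInstanceIdentifier": "billing-db", "MonitoringInterval": 0},
  {"DBInstanceIdentifier": "legacy-db"},
  {"DBInstanceIdentifier": "reports-db-1", "DBClusterIdentifier": "reports-cluster",
   "MonitoringInterval": 0}
]}
""")

VALID_INTERVALS = (1, 5, 10, 15, 30, 60)  # seconds; 0 means Enhanced Monitoring is off


def audit(describe_output):
    """Return one finding per DB instance that fails the rule."""
    findings = []
    for inst in describe_output.get("DBInstances", []):
        interval = inst.get("MonitoringInterval") or 0  # missing field counts as off
        if interval not in VALID_INTERVALS:
            findings.append({
                "instance": inst["DBInstanceIdentifier"],
                "cluster": inst.get("DBClusterIdentifier"),  # None for standalone
                "interval": interval,
            })
    return findings


def remediation_command(identifier, role_arn, interval=60):
    """Build the AWS CLI call that enables Enhanced Monitoring on one instance."""
    if interval not in VALID_INTERVALS:
        raise ValueError("interval must be one of %s" % (VALID_INTERVALS,))
    args = ["aws", "rds", "modify-db-instance",
            "--db-instance-identifier", identifier,
            "--monitoring-interval", str(interval),
            "--monitoring-role-arn", role_arn,
            "--apply-immediately"]
    return " ".join(shlex.quote(a) for a in args)  # quoted so it is safe to paste


if __name__ == "__main__":
    role = "arn:aws:iam::111122223333:role/example-rds-monitoring"  # placeholder ARN
    for f in audit(SAMPLE):
        print("FAIL %(instance)s (cluster=%(cluster)s, interval=%(interval)s)" % f)
        print("  fix: " + remediation_command(f["instance"], role))
```

To audit a real account, replace `SAMPLE` with the parsed output of `aws rds describe-db-instances --output json` and review each generated command before running it.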

By following these steps, you have successfully enabled enhanced monitoring for RDS DB instances and clusters in compliance with the NIST CSF v1 framework. This will provide you with detailed insights into the performance metrics of your RDS resources, enhancing your overall cybersecurity posture.
