Ensure RDS Aurora clusters are protected by a backup plan as per Protect (PR) control.
Rule | RDS Aurora clusters should be protected by backup plan |
Framework | NIST Cybersecurity Framework (CSF) v1.1 |
Severity | ✔ Medium |
Rule Description: RDS Aurora clusters should be protected by a backup plan for NIST Cybersecurity Framework (CSF) v1
NIST Cybersecurity Framework (CSF) v1 provides a set of best practices to manage and improve the cybersecurity posture of organizations. One of the key recommendations is to have a robust backup plan in place to protect critical data. This rule focuses on ensuring that RDS Aurora clusters, a scalable and highly available relational database service provided by AWS, have a backup plan implemented in accordance with the CSF guidelines.
Troubleshooting steps:
Verify RDS Aurora backup configuration:
Check backup frequency:
Verify backup storage:
Necessary Codes:
There are no specific codes required for this rule. However, you may need to run AWS CLI commands to configure or verify the backup settings if it cannot be done through the console.
Step-by-Step Guide for Remediation:
Navigate to the RDS service in the AWS Management Console.
Select the appropriate Aurora cluster that needs to be protected by a backup plan.
Click on the "Backup & Restore" tab in the cluster details.
Enable automated backups if not already enabled:
Review backup frequency:
Evaluate backup storage capacity:
Ensure geographic redundancy:
Periodically review and test the backup plan:
By following the above steps, you will effectively implement a backup plan for RDS Aurora clusters in compliance with the NIST Cybersecurity Framework version 1.