Rule: RDS Snapshots Should Prohibit Public Access

This rule ensures that RDS snapshots do not allow public access, which is critical for security.

Rule: RDS snapshots should prohibit public access
Framework: RBI Cyber Security Framework
Severity: Critical

RDS Snapshot Public Access Prohibition for RBI Cyber Security Framework

Rule Description:

The Reserve Bank of India (RBI) Cyber Security Framework requires that RDS snapshots should prohibit public access. This rule is implemented to ensure the protection and confidentiality of sensitive data stored in RDS snapshots, following the security guidelines set forth by the RBI.

Troubleshooting Steps:

There is no specific troubleshooting required for this rule as it focuses on setting up proper access controls for RDS snapshots. However, if there are any issues with implementing the required configurations, the following troubleshooting steps can be followed:

  1. Verify IAM Role Policies: Ensure that the IAM roles associated with RDS instances have the necessary policies to restrict public access to snapshots.

  2. Check Network ACLs: Validate the Network Access Control Lists (ACLs) to ensure that they are not allowing public access to RDS snapshots.

  3. Confirm Security Group Configurations: Ensure that the security groups applied to the RDS instances do not have any inbound rules allowing public access to snapshots.

Necessary Codes:

No specific code is required for this rule. The required configuration can be made using the AWS Management Console or the AWS Command Line Interface (CLI).

Step-by-Step Guide for Remediation:

Follow these steps to prohibit public access for RDS snapshots:

  1. Access the AWS Management Console or the AWS CLI.

  2. Navigate to the Amazon RDS service.

  3. Select the desired RDS instance.

  4. Go to the "Snapshots" section.

  5. Identify the snapshots that need to be modified and ensure they are not currently shared publicly.

  6. Select the snapshot and click on the "Modify" button.

  7. In the modify snapshot settings, locate the "Publicly Accessible" option and set it to "False" to prohibit public access.

  8. Save the modifications.

  9. Repeat steps 6-8 for any other snapshots that require changes.

  10. After modifying all necessary snapshots, verify the changes by checking the settings of each snapshot to ensure that they are no longer publicly accessible.

After you complete these steps, public access to the RDS snapshots is prohibited, ensuring compliance with the RBI Cyber Security Framework.

Remember to periodically review and update the configurations as needed to maintain compliance and safeguard your data.
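For the periodic review, the following is an added example (not Cloud Defense's or AWS's own code) that classifies snapshots from the output of `aws rds describe-db-snapshot-attributes` and builds the CLI call that removes public sharing. It relies on the RDS API convention that the value `all` in a snapshot's `restore` attribute marks it as public; the sample results, snapshot identifiers and account ID are constructed.

```python
import shlex

# Constructed sample: one entry per snapshot, shaped like the
# "DBSnapshotAttributesResult" object that
# `aws rds describe-db-snapshot-attributes` returns. All values are made up.
SAMPLE_RESULTS = [
    {"DBSnapshotIdentifier": "orders-2024-01-01",
     "DBSnapshotAttributes": [{"AttributeName": "restore", "AttributeValues": ["all"]}]},
    {"DBSnapshotIdentifier": "orders-2024-01-02",
     "DBSnapshotAttributes": [{"AttributeName": "restore", "AttributeValues": ["111122223333"]}]},
    {"DBSnapshotIdentifier": "billing-2024-01-01",
     "DBSnapshotAttributes": [{"AttributeName": "restore", "AttributeValues": []}]},
    {"DBSnapshotIdentifier": "audit-2024-01-01",
     "DBSnapshotAttributes": [{"AttributeName": "restore",
                               "AttributeValues": ["111122223333", "all"]}]},
]

def classify(result):
    """Return 'public', 'shared' or 'private' for one attributes result."""
    accounts = set()
    for attr in result.get("DBSnapshotAttributes", []):
        if attr.get("AttributeName") == "restore":
            accounts.update(attr.get("AttributeValues") or [])
    if "all" in accounts:          # 'all' = any AWS account may restore it
        return "public"
    return "shared" if accounts else "private"

def audit(results):
    """Map each exposure class to the snapshot identifiers found in it."""
    report = {"public": [], "shared": [], "private": []}
    for result in results:
        report[classify(result)].append(result["DBSnapshotIdentifier"])
    return report

def remediation_commands(results):
    """Build the AWS CLI call that removes 'all' from each public snapshot."""
    return [
        "aws rds modify-db-snapshot-attribute"
        f" --db-snapshot-identifier {shlex.quote(snap_id)}"
        " --attribute-name restore --values-to-remove all"
        for snap_id in audit(results)["public"]
    ]

if __name__ == "__main__":
    print(audit(SAMPLE_RESULTS))
    print("\n".join(remediation_commands(SAMPLE_RESULTS)))
```

Snapshots reported as `shared` are visible only to the listed accounts, so they pass this rule but are still worth reviewing against an approved account list.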
