Rule: RDS DB Instance Backup should be enabled
This rule ensures that RDS DB instance backup is enabled to maintain data integrity and quick recovery.
| Rule | RDS DB instance backup should be enabled |
| Framework | RBI Cyber Security Framework |
| Severity | ✔ Medium |
Rule Description:
RDS (Relational Database Service) DB instance backup should be enabled to comply with the RBI (Reserve Bank of India) Cyber Security Framework. This rule ensures that regular backups are taken for RDS databases to mitigate the risk of data loss or corruption.
Troubleshooting Steps:
If the RDS DB instance backup is not enabled, follow the steps below to troubleshoot and enable it:
- 1.
Check current backup status: Verify if the RDS database has backup enabled or disabled. Log in to the AWS Management Console and navigate to the RDS service.
- 2.
Select the appropriate region: Ensure you are in the correct AWS region where the RDS DB instance is located.
- 3.
Find the target DB instance: Locate the specific RDS DB instance that needs to have backup enabled.
- 4.
Check backup settings: Click on the DB instance and navigate to the "Backups & restore" section.
- 5.
Check automatic backup settings: Confirm if the automatic backup feature is enabled. If it is already enabled, proceed to the next step. Otherwise, follow the steps below to enable it.
- 6.
Enable automatic backup: Under the "Backup retention period" option, specify the number of days for which you want to retain automated backups.
- 7.
Configure backup window: Set up a backup window that ensures minimal impact on application performance. Select a time when the system experiences lower load or user activity.
- 8.
Save the changes: Click on the "Apply immediately" button to save the changes and enable automatic backups.
Necessary Codes:
There are no specific codes to provide for this rule, as it involves configuring settings through the AWS Management Console.
Step-by-Step Guide for Remediation:
Follow the step-by-step guide below to remediate the RDS DB instance backup not being enabled for RBI Cyber Security Framework:
- 1.
Log in to the AWS Management Console.
- 2.
Navigate to the RDS service.
- 3.
Ensure that you are in the correct AWS region where the RDS DB instance requiring backup enablement is located.
- 4.
Identify the target RDS DB instance.
- 5.
Check the backup settings for the DB instance by clicking on it.
- 6.
If the automatic backup feature is already enabled, proceed to step 10. Otherwise, continue to the next step.
- 7.
Under the "Backups & restore" section, locate the "Backup retention period" option.
- 8.
Specify the number of days for which you want to retain automated backups.
- 9.
Set up a backup window that ensures minimal impact on application performance.
- 10.
Click on the "Apply immediately" button to save the changes and enable automatic backups.
- 11.
Verify that the backup status has changed to enabled.
- 12.
Ensure that backups are being taken periodically by monitoring the backup history and logs.
- 13.
Regularly test the restoration process to validate the backups' integrity and reliability.
- 14.
Document the backup configuration details, including backup retention period, backup window, and backup frequency.
- 15.
Regularly review and update the backup settings based on evolving requirements and best practices.
By following these steps, you will enable RDS DB instance backups in line with the RBI Cyber Security Framework.