Login

Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

Enable RDS DB Instance and Cluster Enhanced Monitoring Rule

This rule requires enabling enhanced monitoring for RDS DB instances and clusters.

RuleRDS DB instance and cluster enhanced monitoring should be enabled
FrameworkFedRAMP Low Revision 4
Severity
High

Rule Name: RDS DB Instance and Cluster Enhanced Monitoring Enabled (FedRAMP Low Revision 4)

Description: To meet the security requirements of FedRAMP Low Revision 4, it is necessary to enable enhanced monitoring for Amazon RDS DB instances and clusters. Enhanced monitoring provides additional visibility into the performance and resource utilization of your RDS instances, helping you monitor and troubleshoot any issues effectively.

Troubleshooting Steps (if monitoring is not enabled):

  2. 1.
    Check if the RDS DB instance or cluster is in the default VPC or a custom VPC.
  4. 2.
    Verify that the AWS CLI or SDK is installed and configured on your system.
  6. 3.
    Ensure that you have the required permissions to enable enhanced monitoring for RDS instances.

Necessary Code (AWS CLI): The following AWS CLI command can be used to enable enhanced monitoring for an RDS DB instance or cluster:

aws rds modify-db-instance --db-instance-identifier <DB_INSTANCE_IDENTIFIER> --monitoring-interval <MONITORING_INTERVAL>

Replace 

<DB_INSTANCE_IDENTIFIER>
with the identifier of your RDS DB instance or cluster. Replace 
<MONITORING_INTERVAL>
with the desired monitoring interval, such as 1 or 5 minutes.

Step-by-Step Guide for Enabling Enhanced Monitoring:

  2. 1.
    Open the AWS Management Console and navigate to the Amazon RDS service.
  4. 2.
    Select the appropriate region where the RDS instance or cluster is located.
  6. 3.
    Click on "DB Instances" or "Clusters" in the left navigation pane, depending on the resource type you want to enable enhanced monitoring for.
  8. 4.
    Locate the specific RDS DB instance or cluster and click on its name to open the details page.
  10. 5.
    Click on the "Configuration" tab.
  12. 6.
    In the "Monitoring and Enhanced Monitoring" section, click on the "Modify" button.
  14. 7.
    In the "Monitoring" dropdown, select the desired monitoring interval (e.g., 1 or 5 minutes).
  16. 8.
    Click on the "Continue" button.
  18. 9.
    Review the changes and click on the "Modify DB Instance" or "Modify Cluster" button to apply the changes.

Note: The modification may cause a brief interruption in connectivity. However, it should not affect the availability or durability of the RDS instance or cluster.

By following the above steps, you will successfully enable enhanced monitoring for the RDS instances or clusters and meet the FedRAMP Low Revision 4 requirements.

Is your System Free of Underlying Vulnerabilities?
Find Out Now