Rule: RDS DB instance multiple AZ should be enabled

This rule ensures RDS DB instances have multiple Availability Zone support enabled for fault tolerance and high availability.

Rule: RDS DB instance multiple az should be enabled
Framework: NIST Cybersecurity Framework (CSF) v1.1
Severity: Low

Rule Description

Enabling multiple Availability Zones (AZs) for an Amazon RDS DB instance is recommended as a best practice for securing your environment according to the NIST Cybersecurity Framework (CSF) v1. This rule aims to enhance the resilience, availability, and disaster recovery capabilities of your RDS instances.

Multiple AZ deployment means that your RDS DB instance will be replicated across multiple AWS Availability Zones, ensuring that if one AZ becomes unavailable, your database can still remain operational by automatically failing over to a healthy AZ.

Troubleshooting Steps

Step 1: Verify RDS DB instance availability zones

  1. Log in to your AWS Management Console.
  2. Open the Amazon RDS console.
  3. Click on "DB instances" in the left-hand menu.
  4. Locate the RDS DB instance in question and note the "Availability Zone" column value.

Step 2: Check if multiple AZs are enabled

  1. Select the RDS DB instance.
  2. In the "Details" tab, check if the "Multi-AZ" value is set to "Yes".

Step 3: Enable multiple AZs

If the "Multi-AZ" value is set to "No", follow these steps to enable multiple AZs:

  1. Select the RDS DB instance.
  2. Click on the "Modify" button.
  3. In the "Availability & durability" section, select the option for "Enable Multi-AZ".
  4. Review the other settings and modify them if necessary.
  5. Click "Continue" and then "Modify DB instance" to apply the changes.

Necessary Codes

No specific code snippets are required for enabling multiple Availability Zones for an RDS DB instance as it can be done directly through the AWS Management Console.

Remediation Steps

To enable multiple Availability Zones for an RDS DB instance, follow these steps:

  1. Log in to your AWS Management Console.
  2. Open the Amazon RDS console.
  3. Click on "DB instances" in the left-hand menu.
  4. Locate the RDS DB instance that needs modification and select it.
  5. Click on the "Modify" button.
  6. In the "Availability & durability" section, select the option for "Enable Multi-AZ".
  7. Review the other settings and modify them if necessary.
  8. Click "Continue" and then "Modify DB instance" to apply the changes.
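
The console check in Steps 1 and 2 and the remediation above can also be run across many instances at once. The following Python is an added example, not code from the original page: it evaluates this rule over output shaped like that of "aws rds describe-db-instances" and builds the "aws rds modify-db-instance" command for each failing instance. The sample data is constructed, and skipping cluster members is an assumption of this example.

```python
import json
import shlex

# Constructed sample shaped like `aws rds describe-db-instances` output;
# the identifiers and zones are made up for this example.
SAMPLE = json.loads("""
{"DBInstances": [
  {"DBInstanceIdentifier": "orders-prod", "Engine": "postgres",
   "MultiAZ": false, "AvailabilityZone": "us-east-1a"},
  {"DBInstanceIdentifier": "billing-prod", "Engine": "mysql", "MultiAZ": true,
   "AvailabilityZone": "us-east-1a", "SecondaryAvailabilityZone": "us-east-1b"},
  {"DBInstanceIdentifier": "catalog-node-1", "Engine": "aurora-mysql",
   "MultiAZ": false, "AvailabilityZone": "us-east-1b",
   "DBClusterIdentifier": "catalog"}
]}
""")


def evaluate(instance):
    """Return (verdict, reason) for one DBInstances entry."""
    if instance.get("DBClusterIdentifier"):
        # Assumption of this example: cluster members get their availability
        # from the cluster layout, so the per-instance flag is not judged here.
        return "SKIPPED", "member of cluster " + instance["DBClusterIdentifier"]
    if instance.get("MultiAZ") is True:
        standby = instance.get("SecondaryAvailabilityZone", "unknown")
        return "PASS", "standby in " + standby
    return "FAIL", "single AZ: " + instance.get("AvailabilityZone", "unknown")


def audit(response):
    """Map each instance identifier to its (verdict, reason)."""
    return {i["DBInstanceIdentifier"]: evaluate(i) for i in response["DBInstances"]}


def remediation_commands(response):
    """Build the CLI equivalent of the console 'Modify' steps for each FAIL."""
    cmds = []
    for name, (verdict, _) in audit(response).items():
        if verdict == "FAIL":
            # --no-apply-immediately defers the change to the maintenance window.
            cmds.append("aws rds modify-db-instance --db-instance-identifier "
                        + shlex.quote(name) + " --multi-az --no-apply-immediately")
    return cmds


if __name__ == "__main__":
    for name, result in audit(SAMPLE).items():
        print(name, *result)
    print("\n".join(remediation_commands(SAMPLE)))
```

To run it against a real account, replace SAMPLE with the parsed JSON output of "aws rds describe-db-instances" and review the generated commands before executing them.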

Additional Information

Enabling multiple Availability Zones for your RDS DB instance offers increased fault tolerance and disaster recovery capabilities. This setup ensures that your database remains highly available even if an entire AWS Availability Zone becomes unavailable due to infrastructure failures, natural disasters, or other unforeseen circumstances. It is recommended to have multiple AZs enabled for critical production databases to minimize downtime and provide seamless failover capabilities.
