Rule: RDS DB Instance Protected by Backup Plan

Rule Description:

Troubleshooting Steps:

2. 1.
   Verify if there is an existing backup plan for the RDS DB instance.
4. 2.
   Check if the backup plan is properly configured and scheduled as per the SOC 2 requirements.
6. 3.
   Ensure that the backup plan is being executed regularly and successfully.

Necessary Codes:

aws rds create-db-snapshot --db-instance-identifier <db-instance-identifier> --db-snapshot-identifier <db-snapshot-identifier>

<db-instance-identifier>

<db-snapshot-identifier>

Step-by-Step Guide for Remediation:

2. 1.
   Log in to the AWS Management Console.
4. 2.
   Navigate to the Amazon RDS service.
6. 3.
   Click on "Databases" in the left-hand navigation menu.
8. 4.
   Select the RDS DB instance that needs to be protected by a backup plan.
10. 5.
    Click on the "Backup" tab.
12. 6.
    Check if a backup plan exists. If not, proceed to the next step.
14. 7.
    Click on the "Create snapshot" button.
16. 8.
    In the "DB snapshot identifier" field, enter a unique name for the DB snapshot.
18. 9.
    Click on the "Create snapshot" button to initiate the backup plan creation process.
20. 10.
    Validate that the backup plan has been created successfully.
22. 11.
    Configure a regular backup schedule for the RDS DB instance.
24. 12.
    Set retention periods for the snapshots according to your organization's requirements and SOC 2 standards.
26. 13.
    Monitor the backup process to ensure that backups are completed successfully.
28. 14.
    Regularly review and update the backup plan if necessary to meet evolving business and compliance needs.