22

RDS Config Rules

Last Update vor 21 Tagen

AWS Config Rule: RDS Storage Encrypted AWS Config Rule: RDS Instance Public Access Check AWS Config Rule: RDS DB Security Group Not Allowed AWS Config Rule: Aurora MySQL Backtracking Enabled AWS Config Rule: RDS Snapshot Encrypted

AWS Config Rule: RDS Enhanced Monitoring Enabled

RDS_ENHANCED_MONITORING_ENABLED

Fernando Honig

Last Update vor 9 Monaten

Description: Checks whether enhanced monitoring is enabled for Amazon Relational Database Service (Amazon RDS) instances.


Trigger type: Configuration changes


AWS Region: All supported AWS regions except Asia Pacific (Jakarta), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Europe (Spain), Europe (Zurich) Region

How to Resolve Manually

To enable enhanced monitoring on your RDS Instances, you will need to head to the Additional Configuration -> Monitoring section of your instance to enable this if it is not already.


You will be able to set the Granularity and Monitoring Role (creating a new database with this set to "default" will authorize RDS to create the IAM role rds-monitoring-role)


You are also able to set the log types to publish to Amazon CloudWatch Logs, they are:

  • Audit Log
  • Error Log
  • General Log
  • Slow Query Log

How to Resolve with StackZone

StackZone can automatically resolve your non-compliant RDS DB Instances by running an automation script to enable enhanced monitoring for you.


To enable this remediation, within the StackZone console head on over to Baseline Services -> AWS Config Rules Regional -> Amazon RDS and enable RDS Enhanced Monitoring Enabled Remediation

Want to know more about StackZone and how to make your cloud management simple and secure?

Check our how it works section with easy to follow videos or just create your own StackZone Account here

Was this article helpful?

1 out of 1 liked this article

Still need help? Message Us