Best practice rules for Amazon Neptune
Trend Micro Cloud One™ – Conformity monitors Amazon Neptune with the following rules:
- IAM Database Authentication for Neptune
Ensure IAM Database Authentication feature is enabled for Amazon Neptune clusters.
- Neptune Desired Instance Type
Ensure that all your Amazon Neptune database instances are of a given type.
- Neptune Auto Minor Version Upgrade
Ensure Amazon Neptune instances have Auto Minor Version Upgrade feature enabled.
- Neptune Database Backup Retention Period
Ensure AWS Neptune clusters have a sufficient backup retention period set for compliance purposes.
- Neptune Database Encrypted With KMS Customer Master Keys
Ensure that AWS Neptune instances enforce data-at-rest encryption using KMS CMKs.
- Neptune Database Encryption Enabled
Ensure that Amazon Neptune graph database instances are encrypted.
- Neptune Multi-AZ
Ensure that Amazon Neptune database clusters have the Multi-AZ feature enabled.