Ensure that Amazon RDS event notification subscriptions are enabled for database security groups events. Amazon RDS groups these events into categories that you can subscribe to. For example, if you subscribe to the "Configuration Change" category for database security groups, you will be notified when the RDS security groups configuration is changed.
This rule can help you with the following compliance standards:
- APRA
- MAS
- NIST4
For further details on compliance standards supported by Conformity, see here.
This rule resolution is part of the Conformity Security & Compliance tool for AWS.
efficiency
excellence
Amazon RDS event subscriptions for database security groups are designed to provide incident notification of events that may affect the security, availability, and reliability of the RDS database instances associated with these security groups.
Audit
To determine if there are Amazon RDS event subscriptions created for database security groups within your AWS cloud account, perform the following actions:
Remediation / Resolution
To subscribe to Amazon RDS event notifications for database security groups, perform the following actions:
References
- AWS Documentation
- Amazon RDS FAQs
- Using Amazon RDS Event Notification
- Create a Topic
- Subscribe to a Topic
- CIS Amazon Web Services Foundations
- AWS Command Line Interface (CLI) Documentation
- rds
- describe-event-subscriptions
- create-event-subscription
- sns
- create-topic
- subscribe
- confirm-subscription