4.4 Ensure RDS event subscriptions are enabled for DB security groups

Information

AWS Relational Database Services offers customers a managed database engine solution for hosting customer created databases which can allow for a reduction in operational burden on customers.

RDS event subscriptions provide notification of selected event changes at a DB security group level.
Event subscriptions are designed to provide incident notification of events which may affect the network availability of the RDS instance.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Using the Amazon unified CLI:

* Create a new event subscription for DB Security Group events:

aws rds create-event-subscription --subscription-name <rds_event_subscription> --sns-topic-arn <sns_topic_arn> --source-type db-security-group --event-categories _<rds_events>_ --source-ids _<events_source_ids>_ --enabled

See Also

https://workbench.cisecurity.org/files/260

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-9

Plugin: amazon_aws

Control ID: dd309b6195cd99621864ea351487e6cdf0dfd4519b53666c7169d97be00f1616