More Info:

Amazon Backup should be integrated with Amazon Relational Database Service (RDS) in order to manage RDS database instance snapshots and improve the reliability of your backup strategy.

Risk Level

Low

Address

Reliability, Security

Compliance Standards

CBP, AWSWAF, SOC2, NISTCSF, PCIDSS

Remediation

How to enable amazon backup for AWS RDS

Using AWS Console

  1. Open the AWS Management Console and navigate to the Amazon RDS service.
  2. Click on the name of the RDS instance for which you want to enable Amazon Backup integration. (In the Cloudanix Console, navigate to “Misconfig” page and look for Affected Assets for “Amazon Backup Should Be Integrated with Amazon RDS” Policy.)
  3. In the instance details page, click on the “Configuration” tab.
  4. Under the “Backup” section, click on the “Enable automatic backups” checkbox if it is not already selected. Enabling automatic backups ensures that regular snapshots are taken for your RDS instance.
  5. Scroll down to the “Backup retention period” setting and specify the number of days you want to retain your automated backups. Choose a value that meets your retention requirements.
  6. Next, under the “Backup window” setting, define the preferred time window during which Amazon RDS can perform automated backups. This should be a time when your database has low activity to minimize any impact.
  7. In the “Backup encryption” section, select the checkbox for “Enable” to enable encryption for your automated backups. You can choose to use the default AWS managed key (AWS KMS) or specify your own Customer Master Key (CMK) for encryption.
  8. Once you have configured the backup settings, scroll to the bottom of the page and click on the “Modify DB instance” button to save the changes.
  9. After the modifications are applied, Amazon Backup is automatically integrated with your RDS instance. It will start managing the automated backups based on the specified retention period and backup window.
  10. To view and manage your RDS backups through Amazon Backup, you can navigate to the AWS Backup console. Here, you can monitor the backup status, restore your database from a backup, and set up additional backup policies if needed.

Additional Reading: