Event Notification Subscriptions Should Be Enabled
More Info:
Amazon RDS event notification subscriptions should be enabled for database instance level events.
Risk Level
Low
Address
Reliability, Operational Maturity, Security
Compliance Standards
CBP
Triage and Remediation
Remediation
To remediate the misconfiguration of Event Notification Subscriptions not being enabled for an AWS RDS instance using the AWS console, follow these steps:
- Login to AWS Console: Go to the AWS Management Console (https://aws.amazon.com/console/) and log in using your credentials.
- Navigate to RDS Service: From the AWS Management Console, navigate to the RDS service by clicking on “Services” in the top left corner, then selecting “RDS” under the Database category.
- Select the RDS Instance: In the RDS dashboard, select the RDS instance for which you want to enable Event Notification Subscriptions by clicking on the checkbox next to the instance.
- Enable Event Notification Subscriptions: With the RDS instance selected, click on the “Modify” button from the top menu to modify the instance settings.
- Scroll down to Event Subscriptions: In the Modify DB Instance window, scroll down to the “Event Subscriptions” section.
- Add Event Subscription: Click on the “Add Event Subscription” button to create a new event subscription for the RDS instance.
- Configure Event Subscription: Configure the event subscription by selecting the events you want to be notified about, the SNS topic to which the notifications should be sent, and any other relevant settings.
- Save Changes: Once you have configured the event subscription, click on the “Add Event Subscription” button to save the changes.
- Verify Configuration: After saving the changes, verify that the Event Notification Subscription has been successfully enabled for the RDS instance by checking the Event Subscriptions section in the RDS dashboard.
By following these steps, you will successfully remediate the misconfiguration of Event Notification Subscriptions not being enabled for an AWS RDS instance using the AWS console.
To remediate the misconfiguration of Event Notification Subscriptions not being enabled for AWS RDS using the AWS CLI, follow these steps:
- List current event subscriptions: First, list the current event subscriptions to check whether any already exist for your RDS instance, using the following AWS CLI command:
  aws rds describe-event-subscriptions
- Enable Event Notification Subscription: If there are no existing event subscriptions, or the required subscriptions are not enabled, create a new event subscription using the following AWS CLI command:
  aws rds create-event-subscription --subscription-name <subscription-name> --sns-topic-arn <sns-topic-arn> --source-type db-instance --source-ids <rds-instance-identifier> --event-categories <event-categories>
  - Replace <subscription-name> with a name for your event subscription.
  - Replace <sns-topic-arn> with the ARN of the SNS topic to which you want to send the notifications.
  - Replace <rds-instance-identifier> with the identifier of your RDS instance.
  - Replace <event-categories> with the specific event categories you want to subscribe to (e.g., availability, backup, failure, notification, etc.; the AWS CLI takes list values separated by spaces, as in --event-categories availability failure).
- Verify Event Subscription: After creating the event subscription, verify that it has been created by listing the event subscriptions again with the describe-event-subscriptions command.
By following the above steps and enabling Event Notification Subscriptions for your AWS RDS instance using the AWS CLI, you remediate the misconfiguration and ensure that you receive notifications about important events occurring in your RDS environment.
To remediate the misconfiguration of Event Notification Subscriptions not being enabled for an AWS RDS instance using Python, you can use the AWS SDK for Python (Boto3) to create the event subscription. Here are the step-by-step instructions to remediate this issue:
- Install Boto3: If you haven’t already installed the Boto3 library, you can do so using pip:
  pip install boto3
- Configure AWS Credentials: Make sure you have configured your AWS credentials, either by setting environment variables or by running the AWS CLI command aws configure.
- Write a Python script to enable Event Notification Subscriptions for the RDS instance. Here is an example script:
  import boto3

  def enable_event_subscription(rds_instance_identifier, sns_topic_arn):
      # Create an RDS event subscription scoped to one DB instance that
      # publishes the listed event categories to the given SNS topic.
      client = boto3.client('rds')
      response = client.create_event_subscription(
          SubscriptionName='my-rds-event-subscription',
          SnsTopicArn=sns_topic_arn,
          SourceType='db-instance',
          SourceIds=[rds_instance_identifier],
          EventCategories=[
              'availability',
              'backup',
              'configuration change',
              'creation',
              'deletion',
              'failover',
              'failure',
              'maintenance',
              'notification',
              'recovery',
              'restoration'
          ]
      )
      # The response echoes the new subscription (status, SNS topic, categories)
      print(response)

  # Replace 'my-rds-instance' with your RDS instance identifier
  rds_instance_identifier = 'my-rds-instance'
  # Replace 'my-sns-topic-arn' with the ARN of your SNS topic
  sns_topic_arn = 'my-sns-topic-arn'
  enable_event_subscription(rds_instance_identifier, sns_topic_arn)
- Replace 'my-rds-instance' with the identifier of your RDS instance and 'my-sns-topic-arn' with the ARN of the SNS topic to which you want to subscribe for RDS events.
- Run the Python script. This will create an event subscription for the specified RDS instance that sends notifications to the specified SNS topic for the specified event categories.
By following these steps and running the Python script, you can successfully enable Event Notification Subscriptions for an AWS RDS instance using Python.
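Both the CLI and the Python procedures above end with a verification step that simply lists the subscriptions again. The following is an added example (not part of the original page or of any AWS tooling) that performs that verification as an actual check: it walks the list returned by describe-event-subscriptions and decides, for each DB instance, whether an enabled and active subscription covers it and which required event categories are still missing. The sample subscription list and the instance identifiers are constructed for the example; the field names (EventSubscriptionsList, SourceType, SourceIdsList, EventCategoriesList, Enabled, Status) are those of the real API response. The audit function names and the default set of required categories are the example's own choices.

```python
# Added example: audit RDS event subscriptions offline, with an optional
# live fetch. The sample data below is constructed, not real account data.

SAMPLE_SUBSCRIPTIONS = [
    {   # covers prod-db-1 for three categories
        "CustSubscriptionId": "prod-db-events",
        "SnsTopicArn": "arn:aws:sns:us-east-1:123456789012:rds-events",  # constructed
        "Status": "active", "Enabled": True,
        "SourceType": "db-instance", "SourceIdsList": ["prod-db-1"],
        "EventCategoriesList": ["failure", "failover", "availability"],
    },
    {   # names staging-db-1 but is disabled, so it delivers nothing
        "CustSubscriptionId": "disabled-sub",
        "Status": "active", "Enabled": False,
        "SourceType": "db-instance", "SourceIdsList": ["staging-db-1"],
        "EventCategoriesList": [],
    },
    {   # cluster-level subscription: irrelevant for db-instance events
        "CustSubscriptionId": "cluster-only",
        "Status": "active", "Enabled": True,
        "SourceType": "db-cluster", "SourceIdsList": [], "EventCategoriesList": [],
    },
]

DEFAULT_REQUIRED = ("availability", "failure", "failover")  # example's own choice


def covering_subscriptions(subscriptions, instance_id):
    """Return the subscriptions that actively deliver db-instance events for instance_id.

    A subscription covers the instance when it is Enabled and Status is 'active',
    and either it has no SourceType (all RDS sources), or SourceType is
    'db-instance' with an empty SourceIdsList (all instances) or a list that
    names this instance.
    """
    covering = []
    for sub in subscriptions:
        if not sub.get("Enabled", False) or sub.get("Status") != "active":
            continue
        source_type = sub.get("SourceType")
        if source_type is None:
            covering.append(sub)
        elif source_type == "db-instance":
            ids = sub.get("SourceIdsList") or []
            if not ids or instance_id in ids:
                covering.append(sub)
    return covering


def missing_categories(subscriptions, instance_id, required=DEFAULT_REQUIRED):
    """Categories in `required` that no covering subscription delivers.

    An empty EventCategoriesList means the subscription delivers every category.
    """
    delivered = set()
    for sub in covering_subscriptions(subscriptions, instance_id):
        cats = sub.get("EventCategoriesList") or []
        if not cats:
            return set()
        delivered.update(cats)
    return set(required) - delivered


def audit_instances(subscriptions, instance_ids, required=DEFAULT_REQUIRED):
    """Map each instance id to the required categories it is not subscribed for.

    An instance with no covering subscription maps to the full required set.
    """
    return {i: missing_categories(subscriptions, i, required) for i in instance_ids}


def fetch_and_audit(required=DEFAULT_REQUIRED):
    """Live variant: pull subscriptions and instance ids with boto3.

    Needs rds:DescribeEventSubscriptions and rds:DescribeDBInstances.
    """
    import boto3  # imported here so the offline functions need no AWS SDK
    rds = boto3.client("rds")
    subs, ids = [], []
    for page in rds.get_paginator("describe_event_subscriptions").paginate():
        subs.extend(page["EventSubscriptionsList"])
    for page in rds.get_paginator("describe_db_instances").paginate():
        ids.extend(db["DBInstanceIdentifier"] for db in page["DBInstances"])
    return audit_instances(subs, ids, required)


if __name__ == "__main__":
    # constructed instance list; "reports-db" has no subscription at all
    result = audit_instances(SAMPLE_SUBSCRIPTIONS, ["prod-db-1", "staging-db-1", "reports-db"])
    for instance, missing in result.items():
        state = "OK" if not missing else "MISSING " + ", ".join(sorted(missing))
        print(f"{instance}: {state}")
```

Run stand-alone, the script reports prod-db-1 as covered and flags staging-db-1 and reports-db, which is the distinction a plain listing does not make: a subscription that exists but is disabled, or that targets a different source type, still leaves the instance unmonitored. Swap `audit_instances(SAMPLE_SUBSCRIPTIONS, ...)` for `fetch_and_audit()` to run it against an account.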