Skip to main content

Triage and Remediation

Remediation

Using Console

To remediate the misconfiguration of RDS Reserved Instances (RIs) not having corresponding DB instances in AWS, you can follow these steps using the AWS Management Console:
  1. Identify the Unused RDS Reserved Instances:
    • Go to the AWS Management Console and navigate to the RDS service.
    • Click on “Reserved Instances” in the left-hand menu to view all the reserved instances.
    • Look for RDS Reserved Instances that do not have corresponding active DB instances.
  2. Verify the Status of the DB Instances:
    • Check the status of the DB instances associated with the RDS Reserved Instances. Ensure that they are active and running.
  3. Associate RDS RIs with DB Instances:
    • If you find any RDS Reserved Instances that are not associated with any active DB instances, you can associate them by following these steps:
      • Select the unused RDS Reserved Instance.
      • Click on the “Actions” dropdown menu and select “Modify Reserved Instances”.
      • In the “Modify Reserved Instances” wizard, choose the active DB instance that you want to associate with the RI.
      • Click on “Add DB Instance” and select the appropriate DB instance.
      • Review the changes and click on “Modify Reserved Instances” to associate the RI with the DB instance.
  4. Verify the Association:
    • After associating the RDS Reserved Instances with the corresponding DB instances, verify that the association is successful.
    • Check the Reserved Instances dashboard to ensure that all RIs now have corresponding active DB instances.
By following these steps, you can remediate the misconfiguration of RDS Reserved Instances not having corresponding DB instances in AWS.

To remediate the misconfiguration where RDS Reserved Instances (RIs) do not have corresponding DB instances in AWS RDS using AWS CLI, follow these steps:
  1. Identify the unassociated RDS Reserved Instances: Run the following AWS CLI command to list all the RDS Reserved Instances: 
    aws rds describe-reserved-db-instances
  2. Identify the DB instances associated with each RDS Reserved Instance: Run the following AWS CLI command to list all the DB instances in your AWS account: 
    aws rds describe-db-instances
  3. Compare the RDS Reserved Instances with the DB instances to identify any unassociated RIs.
  4. Associate the unassociated RDS Reserved Instances with the corresponding DB instances: Run the following AWS CLI command to modify the RDS Reserved Instance to associate it with a specific DB instance: 
    aws rds modify-reserved-db-instances --reserved-db-instance-id <RI_ID> --db-instance-id <DB_INSTANCE_ID>
    Replace <RI_ID> with the ID of the unassociated RDS Reserved Instance and <DB_INSTANCE_ID> with the ID of the corresponding DB instance.
  5. Verify the association: Run the following AWS CLI command to describe the RDS Reserved Instance and verify that it is now associated with the correct DB instance: 
    aws rds describe-reserved-db-instances --reserved-db-instance-id <RI_ID>
    Replace <RI_ID> with the ID of the RDS Reserved Instance.
By following these steps, you can remediate the misconfiguration where RDS Reserved Instances do not have corresponding DB instances in AWS RDS using AWS CLI.
To remediate the misconfiguration of RDS Reserved Instances (RIs) not having corresponding DB instances in AWS using Python, you can follow these steps:
  1. List all the RDS Reserved Instances and DB Instances using the AWS SDK for Python (Boto3):
import boto3

client = boto3.client('rds')

# List all RDS Reserved Instances
response_ris = client.describe_reserved_db_instances()
reserved_instances = response_ris['ReservedDBInstances']

# List all RDS DB Instances
response_db_instances = client.describe_db_instances()
db_instances = response_db_instances['DBInstances']
  1. Create a dictionary mapping the DB Instance IDs to their corresponding RIs:
db_instance_ids = [db_instance['DBInstanceIdentifier'] for db_instance in db_instances]
ri_mapping = {}

for ri in reserved_instances:
    if ri['DBInstanceIdentifier'] in db_instance_ids:
        ri_mapping[ri['DBInstanceIdentifier']] = ri['ReservedDBInstanceId']
  1. Identify the RIs without corresponding DB Instances and release them:
for ri in reserved_instances:
    if ri['ReservedDBInstanceId'] not in ri_mapping.values():
        client.modify_reserved_db_instances(
            ReservedDBInstanceId=ri['ReservedDBInstanceId'],
            ApplyImmediately=True,
            ReservedDBInstanceOfferingId=ri['ReservedDBInstanceOfferingId']
        )
  1. Optionally, you can also create new RIs for the DB Instances that do not have corresponding RIs:
for db_instance in db_instances:
    if db_instance['DBInstanceIdentifier'] not in ri_mapping.keys():
        client.purchase_reserved_db_instances_offering(
            ReservedDBInstancesOfferingId='your_offering_id',
            DBInstanceIdentifier=db_instance['DBInstanceIdentifier'],
            DBInstanceClass=db_instance['DBInstanceClass'],
            Duration=1,  # Duration in years
            MultiAZ=db_instance['MultiAZ'],
            OfferingType='AllUpfront'  # Payment type
        )
  1. Run the Python script to remediate the misconfiguration of RDS RIs not having corresponding DB instances in AWS.
Please ensure that you have the necessary permissions and credentials set up to interact with AWS services using Boto3.