Ensure latest generation of instance classes is used by Amazon Relational Database Service (Amazon RDS) instances

MEDIUM

Description

AWS RDS instances are not using the latest generation of instance classes for cost and performance improvements.

Remediation

In AWS Console -

  1. Sign in to the AWS Console and open the RDS Console.
  2. Select Databases in the RDS navigation pane.
  3. Choose the database instance you wish to edit and select Modify.
  4. Under Instance configuration, select the DB instance class and choose the size and generation of the instance you wish to use.
  5. Select Continue, then if you wish for the changes to take immediate effect, select Apply immediately. Note: this will initiate a reboot.
  6. Select Modify DB instance.

In Terraform -

  1. In the aws_rds_cluster_instance resource, set the instance_class to the class/size you wish to use.
  2. If you wish for the changes to take immediate effect, set the apply_immediately field to true. Note: this will initiate a reboot.
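
The two Terraform steps above, shown as an added example (not taken from the policy or from the provider documentation). The resource name, the cluster identifier variable, the engine, and both instance classes are constructed placeholders: db.r4.large stands in for an older-generation class and db.r6g.large for a newer one, so check the AWS instance class reference below for the classes your engine version supports.

```hcl
# Constructed example: names, engine and instance classes are placeholders.

variable "cluster_identifier" {
  description = "Identifier of an existing Aurora cluster (placeholder)"
  type        = string
}

# Before: the instance is pinned to an older-generation class.
#
# resource "aws_rds_cluster_instance" "example" {
#   identifier         = "example-instance-1"
#   cluster_identifier = var.cluster_identifier
#   engine             = "aurora-postgresql"
#   instance_class     = "db.r4.large"
# }

# After: instance_class moved to a newer-generation class of the same size.
resource "aws_rds_cluster_instance" "example" {
  identifier         = "example-instance-1"
  cluster_identifier = var.cluster_identifier
  engine             = "aurora-postgresql"

  # Step 1: the class/size you wish to use.
  instance_class = "db.r6g.large"

  # Step 2: true applies the change right away and initiates a reboot.
  # Left at the default (false), the change waits for the next
  # maintenance window.
  apply_immediately = true
}
```

Run terraform plan before applying and confirm the instance is reported as an in-place update rather than a replacement.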

References:
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html#Concepts.DBInstanceClass.Changing
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_cluster_instance#instance_class

Policy Details

Rule Reference ID: AC_AWS_0194
CSP: AWS
Remediation Available: Yes
Resource Category: Database

Frameworks