Ensure event subscriptions are enabled for instance level events

MEDIUM

Description

Amazon RDS event subscriptions use Amazon Simple Notification Service (Amazon SNS) to send a notification when an RDS event occurs, which helps ensure that high-priority events are addressed in a timely manner. A subscription whose source type is DB instance covers instance level events such as availability changes, failover, failure, low storage, maintenance, deletion and security events; a subscription with a different source type (for example, DB security group) does not report these instance events. For more information, see the AWS documentation.
References:
https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Events.html

Remediation

In AWS Console -

  1. Sign in to the AWS Console and go to the Amazon RDS console.
  2. Select Event subscriptions in the navigation pane.
  3. Select Create event subscription in the Event subscriptions pane.
  4. In the Create event subscription dialog box, do the following:
    a. Enter a name for the event notification subscription.
    b. Select an existing Amazon SNS ARN for an Amazon SNS topic, or select Create topic to enter the name of a new topic and a list of recipients.
    c. Select Instances as the source type.
    d. Select Yes to enable the subscription.
    e. Select the event categories and the DB instances (or all instances) that you want to receive event notifications for.
    f. Click Create.

In Terraform -

  1. In an aws_db_event_subscription resource, set source_type to db-instance, keep enabled set to true (the provider default), point sns_topic at the SNS topic that delivers the notifications, and either leave source_ids unset (all DB instances in the region) or list the instance identifiers to monitor. A subscription with source_type set to db-security-group does not cover instance level events.
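
The following Terraform configuration is an added example for this remediation step; it is not taken from the original page or from the Terraform provider documentation. The topic name, subscription name, event categories and the DB instance identifier (`prod-orders-db`) are assumptions chosen for illustration. The first resource shows the non-compliant form this rule flags; the second shows the compliant form.

```terraform
# SNS topic that RDS publishes event notifications to.
resource "aws_sns_topic" "rds_events" {
  name = "rds-instance-events" # assumed topic name
}

# NON-COMPLIANT (for illustration only): source_type is db-security-group,
# so instance level events such as failover or low storage are never sent.
resource "aws_db_event_subscription" "noncompliant" {
  name        = "rds-sg-events" # assumed subscription name
  sns_topic   = aws_sns_topic.rds_events.arn
  source_type = "db-security-group"
  enabled     = true
}

# COMPLIANT: source_type is db-instance and the subscription is enabled.
# source_ids is omitted, so every DB instance in the region is covered;
# restrict it to specific instances if needed, as shown in the comment.
resource "aws_db_event_subscription" "instance_events" {
  name        = "rds-instance-events" # assumed subscription name
  sns_topic   = aws_sns_topic.rds_events.arn
  source_type = "db-instance"
  enabled     = true # provider default, stated explicitly for the check

  # Instance level categories worth alerting on; adjust to taste.
  event_categories = [
    "availability",
    "configuration change",
    "deletion",
    "failover",
    "failure",
    "low storage",
    "maintenance",
    "security",
  ]

  # Optional: limit to named instances instead of all instances.
  # source_ids = ["prod-orders-db"]  # assumed instance identifier
}
```

Recipients (e-mail addresses, HTTPS endpoints, an SQS queue feeding a SIEM) are attached to the topic with aws_sns_topic_subscription resources; the event subscription itself only decides which events RDS publishes. After applying, confirm the result with `aws rds describe-event-subscriptions` and check that the subscription shows `"SourceType": "db-instance"` and `"Enabled": true`.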

References:
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_event_subscription#source_type

Policy Details

Rule Reference ID: AC_AWS_0051
CSP: AWS
Remediation Available: Yes
Resource Category: Database
Resource Type: DB Instance

Frameworks