Ensure auto minor version upgrade is enabled for AWS Database Migration Service (DMS) instances

MEDIUM

Description

Minor version updates are not configured, this can probably impact security best practices.

Remediation

In AWS Console -

Sign in to the AWS Console and go to the AWS DMS Console.
Select Replication Instances in the navigation pane.
Select the instance you want to modify.
Modify auto minor version upgrade and select apply changes immediately.

In Terraform -

In the aws_dms_replication_instance resource, set the auto_minor_version_upgrade field to true.

References:
https://docs.aws.amazon.com/dms/latest/userguide/CHAP_ReplicationInstance.Modifying.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/dms_replication_instance

Policy Details

Rule Reference ID: AC_AWS_0070

CSP: AWS

Remediation Available: Yes

Domain: Security Best Practices

Resource: aws_dms_replication_instance

Resource Category: Database

Resource Type: Migration Service

Frameworks

GDPR
HIPAA
NIST-800-171
NIST-800-53
NIST-CSF
PCI-DSSv3.2.1
PCI-DSSv4.0