An RDS event subscription for critical instance events does not exist

Logging and monitoring

An RDS event subscription for critical instance events does not exist

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

AWS Foundational Security Best Practices Controls
GDPR
HITRUST
NIST 800-53

Description

RDS event subscription resource allows you to receive notifications for RDS events through an Amazon Simple Notification Service (SNS). RDS event subscriptions for instances events are designed to provide incident notification of event changes triggered at the database engine. Events such as maintenance, configuration change, and failure are critical instance events. We detected that AWS account {CloudAccount} does not have an RDS event notifications subscription enabled for critical database instance events.

Recommended Mitigation

We recommend to create an RDS event notifications subscription enabled for critical database instance events. For more information: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-fsbp-controls.html#fsbp-rds-20

An RDS event subscription for critical instance events does not exist

Description

Need help?