An RDS event subscription for critical parameter group events does not exist

Logging and monitoring

An RDS event subscription for critical parameter group events does not exist

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

AWS Foundational Security Best Practices Controls
GDPR
HITRUST
NIST 800-53

Description

RDS event subscription resource allows you to receive notifications for RDS events through an Amazon Simple Notification Service (SNS). RDS event subscriptions for parameter groups events are designed to provide incident notification of event changes triggered at the database parameter groups. Event such as configuration change is critical parameter group events. We detected that AWS account {CloudAccount} does not have an RDS event notifications subscription enabled for critical database parameter group events.

Recommended Mitigation

We recommend to create an RDS event notifications subscription enabled for critical database parameter group events. For more information: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-fsbp-controls.html#fsbp-rds-21

An RDS event subscription for critical parameter group events does not exist

Description

Need help?