Medium Neptune Regional

Neptune DB clusters should have IAM database authentication enabled

NIST 800-53, ISO 27001, HIPAA

Description

This control checks if IAM database authentication is enabled for a Neptune DB cluster. The control fails if IAM database authentication is not enabled. IAM database authentication for Amazon Neptune removes the need to store user credentials in the database configuration, as authentication is managed externally by IAM. When enabled, each request must be signed using AWS Signature Version 4.


Remediation

To remediate, enable IAM database authentication on each Neptune DB cluster that fails this control.

Steps

  1. Navigate to the Amazon Neptune console
  2. Select the DB cluster that needs remediation
  3. Click on 'Modify' to edit the cluster configuration
  4. In the 'Database authentication' section, enable 'IAM database authentication'
  5. Review the IAM authentication settings
  6. Apply the changes during the next maintenance window or immediately
  7. Verify that IAM database authentication is enabled in the cluster details
  8. Create IAM policies for database access if not already configured
  9. Test IAM database authentication with a sample connection
  10. Update applications to use IAM authentication instead of database credentials
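
The check in step 7 and the change in steps 4 and 6 can also be scripted. The following is an added example, not part of the original control text: it uses the boto3 Neptune client calls describe_db_clusters and modify_db_cluster. The cluster names in the sample data are constructed, and the --fix and --now switches are this script's own hypothetical options.

```python
import sys

# Constructed sample shaped like a describe_db_clusters response (not real data).
SAMPLE = {"DBClusters": [
    {"DBClusterIdentifier": "graph-prod", "Engine": "neptune",
     "IAMDatabaseAuthenticationEnabled": True},
    {"DBClusterIdentifier": "graph-dev", "Engine": "neptune",
     "IAMDatabaseAuthenticationEnabled": False},
    {"DBClusterIdentifier": "graph-old", "Engine": "neptune"},  # field absent
    {"DBClusterIdentifier": "orders-db", "Engine": "aurora-mysql",
     "IAMDatabaseAuthenticationEnabled": False},  # not Neptune, out of scope
]}


def failing_clusters(response):
    """Identifiers of Neptune clusters whose IAM auth is off or not reported."""
    return sorted(
        c["DBClusterIdentifier"]
        for c in response.get("DBClusters", [])
        if c.get("Engine") == "neptune"
        and not c.get("IAMDatabaseAuthenticationEnabled", False)
    )


def remediate(client, cluster_ids, apply_immediately=False):
    """Enable IAM auth on each cluster; False defers to the maintenance window."""
    for cid in cluster_ids:
        client.modify_db_cluster(
            DBClusterIdentifier=cid,
            EnableIAMDatabaseAuthentication=True,
            ApplyImmediately=apply_immediately,
        )
    return list(cluster_ids)


if __name__ == "__main__":
    import boto3  # needs AWS credentials; imported here so the functions load offline

    neptune = boto3.client("neptune")
    failing = []
    # Restrict results to clusters created by the neptune engine.
    pages = neptune.get_paginator("describe_db_clusters").paginate(
        Filters=[{"Name": "engine", "Values": ["neptune"]}])
    for page in pages:
        failing += failing_clusters(page)
    print("FAIL (IAM auth disabled):", failing or "none")
    if "--fix" in sys.argv[1:]:
        print("Modified:", remediate(neptune, failing, "--now" in sys.argv[1:]))
```

Run without arguments it only reports. Once IAM authentication is on, clients that do not sign requests with Signature Version 4 will be rejected, so complete steps 8 to 10 before applying the change to a cluster that serves production traffic.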

Compliance

NIST 800-53, ISO 27001, HIPAA