Medium RDS Regional

RDS DB instances should have encryption at-rest enabled


Description

Checks whether the RDS DB instances have encryption at-rest enabled.
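The same check can be run over the `DBInstances` records returned by the RDS `DescribeDBInstances` API, where each record carries a `StorageEncrypted` flag. This is an added example, not this tool's own code; the instance names, account ID and key ARN are constructed sample data, and treating a record with no `StorageEncrypted` field as a failure is an assumption of the example.

```python
import json

# Constructed sample data shaped like two pages of DescribeDBInstances output.
SAMPLE_PAGES = [
    json.loads("""{"DBInstances": [
      {"DBInstanceIdentifier": "orders-prod", "Engine": "postgres",
       "StorageEncrypted": true,
       "KmsKeyId": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"},
      {"DBInstanceIdentifier": "legacy-reports", "Engine": "mysql",
       "StorageEncrypted": false}
    ]}"""),
    json.loads("""{"DBInstances": [
      {"DBInstanceIdentifier": "legacy-reports-replica", "Engine": "mysql",
       "StorageEncrypted": false,
       "ReadReplicaSourceDBInstanceIdentifier": "legacy-reports"},
      {"DBInstanceIdentifier": "odd-record", "Engine": "mariadb"}
    ]}"""),
]

def evaluate_instance(db):
    """Return a PASS/FAIL finding for one DBInstances record."""
    encrypted = db.get("StorageEncrypted")
    if encrypted is True:
        status = "PASS"
        detail = "encrypted with " + db.get("KmsKeyId", "unknown key")
    elif encrypted is False:
        status = "FAIL"
        detail = "storage is not encrypted"
        source = db.get("ReadReplicaSourceDBInstanceIdentifier")
        if source:
            # Replicas inherit the encryption state of their source instance.
            detail += f" (read replica of {source})"
    else:
        # Assumption of this example: fail closed when the field is absent.
        status = "FAIL"
        detail = "StorageEncrypted missing from record"
    return {"id": db.get("DBInstanceIdentifier", "<unknown>"),
            "engine": db.get("Engine"), "status": status, "detail": detail}

def evaluate_pages(pages):
    """Evaluate every instance across all response pages."""
    return [evaluate_instance(db)
            for page in pages for db in page.get("DBInstances", [])]

def failing_ids(findings):
    """Sorted identifiers of instances that fail the check."""
    return sorted(f["id"] for f in findings if f["status"] == "FAIL")

if __name__ == "__main__":
    for f in evaluate_pages(SAMPLE_PAGES):
        print(f"{f['status']:4} {f['id']:24} {f['engine'] or '-':9} {f['detail']}")
```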


Remediation

To enable encryption at-rest for the identified RDS DB instance, follow these steps:

Steps

  1. Log in to the AWS Management Console and open the Amazon RDS console.
  2. In the navigation pane, click on 'Databases'.
  3. Select the RDS DB instance that requires encryption at-rest.
  4. Choose 'Modify'.
  5. In the 'Modify DB Instance' page, scroll down to the 'Database options' section.
  6. Find the 'Encryption' option and select 'Enable Encryption'.
  7. Choose an encryption key from the available AWS Key Management Service (KMS) keys. If you do not have a KMS key, you can create one.
  8. Scroll to the bottom of the page and click on 'Continue'.
  9. Review your changes. You can apply them immediately or during the next maintenance window.
  10. Click 'Modify DB Instance' to save the changes.

Compliance

CIS, NIST, ISO 27001, HIPAA