Back to All Checks
Low RDS Regional

Enhanced monitoring should be configured for RDS DB instances

NIST

Description

Checks if RDS instances have enhanced monitoring configured. This check also fetches the tags associated with each RDS instance.

Remediation

To configure enhanced monitoring for the identified RDS DB instance, follow these steps:

Steps

  1. Log in to the AWS Management Console and open the Amazon RDS console.
  2. In the navigation pane, click on 'Databases'.
  3. Select the RDS DB instance that requires enhanced monitoring.
  4. Choose 'Modify'.
  5. In the 'Modify DB Instance' page, scroll down to the 'Monitoring' section.
  6. Find the 'Enhanced monitoring' option and set it to 'Enable'.
  7. Select the granularity for the monitoring data (e.g., 1, 5, 10, 15, 30, or 60 seconds).
  8. Choose an IAM role that has the necessary permissions to publish logs to Amazon CloudWatch Logs. If you do not have an appropriate IAM role, you can create one.
  9. Scroll to the bottom of the page and click on 'Continue'.
  10. Review your changes. You can apply them immediately or during the next maintenance window.
  11. Click 'Modify DB Instance' to save the changes.

Compliance

NIST
Start Your Free Security Check