Severity: Medium

Description: This control ensures that IAM DB Authentication is enabled for RDS DB instances. With IAM Database Authentication, authentication tokens are issued and used for logging in instead of passwords. This provides central management of users and a better security model for authentication. Any traffic to and from the database is encrypted using Secure Sockets Layer (SSL).

Remediation Steps:

Perform the following steps to update authentication for RDS:

  1. Log in to the AWS Management Console at https://console.aws.amazon.com as root user.

  2. Navigate to the RDS console.

  3. In the navigation pane, click Databases.

  4. Click the database instance to be modified, then click Modify.

  5. Under Database options, choose Enable IAM DB authentication.

  6. Click Continue.

  7. Under Scheduling of modifications, select Apply Immediately.

  8. Click Modify DB Instance.
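
The same control can be checked from CLI output instead of the console. The following is an added example, not part of the original page: it audits the output of `aws rds describe-db-instances` and builds the `aws rds modify-db-instance` command equivalent to steps 4 to 8 for each failing instance. The sample response, the instance names and the function name `audit_iam_db_auth` are constructed for illustration, and the minimum engine versions listed under Important are not checked.

```python
import json
import shlex

# Engines the page lists as supporting IAM DB authentication, written as
# RDS API "Engine" values (assumption: only these two are considered).
SUPPORTED_ENGINES = {"mysql", "postgres"}

# Constructed sample shaped like `aws rds describe-db-instances` output.
SAMPLE_RESPONSE = json.loads("""
{"DBInstances": [
  {"DBInstanceIdentifier": "orders-db", "Engine": "mysql",
   "IAMDatabaseAuthenticationEnabled": false},
  {"DBInstanceIdentifier": "billing-db", "Engine": "postgres",
   "IAMDatabaseAuthenticationEnabled": true},
  {"DBInstanceIdentifier": "legacy-db", "Engine": "oracle-ee"}
]}
""")


def audit_iam_db_auth(response):
    """Classify each instance as compliant, noncompliant or not_applicable."""
    findings = []
    for db in response.get("DBInstances", []):
        name = db["DBInstanceIdentifier"]
        engine = db.get("Engine", "")
        if engine not in SUPPORTED_ENGINES:
            status, fix = "not_applicable", None
        elif db.get("IAMDatabaseAuthenticationEnabled", False):
            status, fix = "compliant", None
        else:
            # A missing field is treated as disabled, so the check fails closed.
            status = "noncompliant"
            fix = ("aws rds modify-db-instance --db-instance-identifier "
                   + shlex.quote(name)
                   + " --enable-iam-database-authentication --apply-immediately")
        findings.append({"instance": name, "engine": engine,
                         "status": status, "remediation": fix})
    return findings


if __name__ == "__main__":
    for f in audit_iam_db_auth(SAMPLE_RESPONSE):
        print(f["instance"], f["status"], f["remediation"] or "")
```

To audit a real account, save the output of `aws rds describe-db-instances --output json` to a file and pass the parsed JSON to `audit_iam_db_auth`.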

Important:

  • The security tokens are valid for only 15 minutes.

  • IAM Database Authentication is available only for MySQL and PostgreSQL, with MySQL 5.6 version 5.6.34, MySQL 5.7 version 5.7.16, PostgreSQL 10.6 version 10.6.11 and PostgreSQL 9.5 version 9.5.15 or higher.
