Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

Description: This control ensures that the RDS DB Instance use unique Master Usernames instead of defaults ("root", "awsuser", "admin", "rdsadmin"). This user has extensive privileges on the database instance which includes creation on databases and modifications of tables. If not specified during the time of creation of the Instance, a default username is set for the Master username.

Remediation Steps:

Perform following to update RDS instance master username :

  1. Login to the AWS Management Console at https://console.aws.amazon.com as root user.

  2. Navigate to RDS console.

  3. Step1 - Create a new DB Instance

    1. On Navigation pane on left side, click Databases.

    2. Click Create Database button.

    3. Configure the setting similar to the old DB Instance.

    4. Click Under Credential Setting under Settings, enter a unique alpha-numerical username for Master Username.

    5. Click Create Database.

  4. Step 2 - Delete old DB Instance

    1. On Navigation pane on left side, click Databases.

    2. Select a DB Instance to delete.

    3. Click on Select a DB Instance to delete.

    4. Click on Actions and choose Delete.

    5. For Create final Snapshot?, choose Yes or No. If you chose yes, for Final snapshot name type the name of your final DB snapshot.

    6. Type delete me in the box.

    7. Choose Delete and choose Delete.

    8. For Create final Snapshot?, choose Yes or No. If you chose yes, for Final snapshot name type the name of your final DB snapshot.

    9. Type Delete me in the box.

    10. Choose Delete.

Important:

  • Master username of an RDS DB Instance cannot be modified after the instance is created

  • The new DB Instance should be configured with same settings as the old Instance

  • After required connection string modifications and security group updates, ensure all applications are successfully connecting and querying to the new DB Instance

Reference :

  • No labels