AWS-Neptune-DB-IAM-DB-authentication-enable

Severity: Medium

Description: This control ensures that IAM DB Authentication is enabled for Neptune DB Clusters. With IAM Database Authentication, authentication tokens are issued and used for logging in instead of passwords. This provides central management of users and a better security model for authentication. Any traffic to and from the database is encrypted using Secure Sockets Layer (SSL), and the security tokens are valid for only 15 minutes.

Remediation Steps:

Perform the following steps to enable IAM DB authentication for Neptune:

  1. Log in to the AWS Management Console at https://console.aws.amazon.com.

  2. Navigate to the Neptune console.

  3. In the navigation pane, choose Databases.

  4. Select the database cluster to configure, then choose Modify.

  5. In the Database Options section, choose Enable IAM DB authentication.

  6. Click Continue.

  7. Under the Scheduling of modifications option, select Apply Immediately.

  8. Click Modify DB Cluster.
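
A scripted version of this control check and of the remediation steps above, as an added example that is not part of the original control text: it flags Neptune clusters whose IAMDatabaseAuthenticationEnabled flag is off and builds the matching ModifyDBCluster request. The cluster names and sample data are constructed; audit_account assumes boto3 and AWS credentials are available.

```python
# Constructed sample shaped like a DescribeDBClusters response; not real data.
SAMPLE_CLUSTERS = [
    {"DBClusterIdentifier": "graph-prod", "Engine": "neptune",
     "IAMDatabaseAuthenticationEnabled": False},
    {"DBClusterIdentifier": "graph-dev", "Engine": "neptune",
     "IAMDatabaseAuthenticationEnabled": True},
    # The cluster API is shared with other engines, so filter on Engine.
    {"DBClusterIdentifier": "orders-db", "Engine": "aurora-mysql",
     "IAMDatabaseAuthenticationEnabled": False},
    # A missing flag is treated as not enabled.
    {"DBClusterIdentifier": "graph-old", "Engine": "neptune"},
]


def noncompliant_clusters(clusters):
    """Return sorted IDs of Neptune clusters without IAM DB authentication."""
    return sorted(
        c["DBClusterIdentifier"]
        for c in clusters
        if c.get("Engine") == "neptune"
        and c.get("IAMDatabaseAuthenticationEnabled") is not True
    )


def remediation_request(cluster_id):
    """ModifyDBCluster parameters equivalent to console steps 5 and 7."""
    return {
        "DBClusterIdentifier": cluster_id,
        "EnableIAMDatabaseAuthentication": True,
        "ApplyImmediately": True,
    }


def audit_account(region, fix=False):
    """Check a live account; needs boto3 and AWS credentials."""
    import boto3  # lazy import so the offline sample runs without it

    client = boto3.client("neptune", region_name=region)
    clusters = []
    pages = client.get_paginator("describe_db_clusters").paginate(
        Filters=[{"Name": "engine", "Values": ["neptune"]}])
    for page in pages:
        clusters.extend(page["DBClusters"])
    failing = noncompliant_clusters(clusters)
    for cluster_id in failing if fix else []:
        client.modify_db_cluster(**remediation_request(cluster_id))
    return failing
```

Calling noncompliant_clusters(SAMPLE_CLUSTERS) exercises the check offline; audit_account with fix=True applies the change immediately, so run it with fix=False first to review the list.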

Important:

Reference:

Blue Hexagon Proprietary