[RDS.13]
RDS automatic minor version upgrades should be enabled
Description
All RDS DB instances must have automatic minor version upgrade enabled. Enabling this feature automatically installs the latest minor versions such as security patches or bug fixes and keeps your database updated. This rule is COMPLIANT when an instance has IAM database authentication enabled.
Details
| Property | Value |
|---|---|
| Category | Detect > Vulnerability and patch management |
| Compliance Control ID | RDS.13 |
| FortifyFox ID | FF100040 |
| Link | RDS.13 Compliance |
| Resource Type(s) | AWS::RDS::DBInstance |
| Severity | High |
Remediation
Use the following CloudFormation templates to deploy a RDS DB Instance compliant with RDS.13
YAML Template
Resources:
rdsDB:
Type: "AWS::RDS::DBInstance"
Properties:
AutoMinorVersionUpgrade: true
JSON Template
{
"Resources": {
"rdsDB": {
"Type": "AWS::RDS::DBInstance",
"Properties": {
"AutoMinorVersionUpgrade": true
}
}
}
}