RDS Instances Have Audit Log Enabled
Rule Details
| Parameter | Description |
|---|---|
| Rule Name | rds-instance-enable-auditLog |
| Identifier | rds-instance-enable-auditLog |
| Description | If an RDS instance does not have the audit log enabled or has audit logs kept for less than the specified number of days, this instance is non-compliant. |
| Tag | rds |
| Trigger Type | Configuration change |
| Filter Type | rds.instances |
| Rule Parameters | keepDays: number of days for storing audit logs |
Application Scenarios
The database audit function records all user operations on the database in real time. This function logs, analyzes, and reports user activities in the database. Based on the audit logs, you can prepare compliance reports and track incidents, improving data asset security. For details, see Enabling Database Audit for Post-Event Backtracking.
Solution
Configure an audit log policy for your RDS instances as required. For details, see Setting SQL Audit and Enabling SQL Audit.
Rule Logic
- If SQL audit is enabled for an RDS instance and the audit logs are retained for at least the required period, the instance is compliant.
- If SQL audit is enabled for an RDS instance but the audit logs are retained for less than the required period, the instance is non-compliant.
- If SQL audit is not enabled for an RDS instance, the instance is non-compliant.
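
The three cases above, written as an offline check over an inventory export. This is an added example, not code from the Config service: the field names `audit_enabled` and `audit_keep_days` and the sample instances are constructed, and treating a record with no audit data as non-compliant is an assumption of the example.

```python
# Constructed inventory records. The field names are hypothetical; map them
# from whatever your own inventory export provides.
SAMPLE_INSTANCES = [
    {"id": "rds-prod-01", "audit_enabled": True, "audit_keep_days": 180},
    {"id": "rds-prod-02", "audit_enabled": True, "audit_keep_days": 30},
    {"id": "rds-dev-01", "audit_enabled": False, "audit_keep_days": 0},
    {"id": "rds-dev-02"},  # audit policy missing from the export
]


def evaluate(instance, keep_days):
    """Return (status, reason) for one instance record.

    keep_days plays the role of the rule's keepDays parameter.
    """
    if not isinstance(keep_days, int) or keep_days < 1:
        raise ValueError("keepDays must be a positive integer")

    # Case 3: SQL audit not enabled. A record without audit data fails
    # closed here (assumption of this example).
    if not instance.get("audit_enabled", False):
        return "NonCompliant", "SQL audit is not enabled"

    # Case 2: enabled, but retention is shorter than required (or unknown).
    retained = instance.get("audit_keep_days")
    if not isinstance(retained, int) or retained < keep_days:
        return ("NonCompliant",
                f"audit logs kept {retained} days, required {keep_days}")

    # Case 1: enabled and retained for at least the required period.
    return "Compliant", f"audit logs kept {retained} days"


def report(instances, keep_days):
    """Evaluate every record and return {instance id: (status, reason)}."""
    return {inst["id"]: evaluate(inst, keep_days) for inst in instances}


if __name__ == "__main__":
    for inst_id, (status, reason) in report(SAMPLE_INSTANCES, 90).items():
        print(f"{inst_id:12} {status:13} {reason}")
```
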