
Lack of protection against deletion - RDS

Need

Implementation of safeguards to prevent accidental or unauthorized deletion of databases in Amazon Web Services RDS.

Context

  • Usage of Terraform for Infrastructure as Code (IaC)
  • Usage of AWS SDK for interacting with Amazon Web Services

Description

Non compliant code

provider "aws" {
  region = "us-west-2"
}

resource "aws_db_instance" "default" {
  allocated_storage    = 20
  storage_type         = "gp2"
  engine               = "mysql"
  engine_version       = "5.7"
  instance_class       = "db.t2.micro"
  name                 = "mydb"
  username             = "foo"
  password             = "foobarbaz"
  parameter_group_name = "default.mysql5.7"
  skip_final_snapshot  = true
}

This script uses Terraform to create an AWS RDS instance. The configuration is vulnerable because it has no protection against deletion: deletion_protection is not set (it defaults to false), so a single DeleteDBInstance call from the console, CLI, SDK or a terraform destroy removes the instance, and skip_final_snapshot is set to true, so no final DB snapshot is created before the instance is deleted. If this instance is deleted, all data stored in it is lost permanently and recovery is not possible.

Steps

  • Enable deletion protection for the RDS instance
  • Add a backup and recovery strategy for the RDS instance
  • Implement proper access controls and permissions for the RDS instance
  • Regularly monitor and review the RDS instance for any unauthorized changes or deletions

Compliant code

provider "aws" {
  region = "us-west-2"
}

resource "aws_db_instance" "default" {
  allocated_storage    = 20
  storage_type         = "gp2"
  engine               = "mysql"
  engine_version       = "5.7"
  instance_class       = "db.t2.micro"
  name                 = "mydb"
  username             = "foo"
  password             = "foobarbaz" # placeholder: supply via a variable or secrets manager, not a literal
  parameter_group_name = "default.mysql5.7"

  # A final snapshot is taken on deletion; Terraform requires an identifier
  # for it whenever skip_final_snapshot is false.
  skip_final_snapshot       = false
  final_snapshot_identifier = "mydb-final-snapshot"

  # Refuse DeleteDBInstance until this is explicitly turned off.
  deletion_protection = true

  # Automated daily backups plus transaction logs, kept for 7 days.
  backup_retention_period = 7
}

The updated code includes three main changes to address the vulnerability:

  1. deletion_protection = true: This line enables deletion protection for the RDS instance. While it is enabled, the RDS API rejects every DeleteDBInstance request, whether it comes from the console, the CLI, an SDK or terraform destroy, regardless of the caller's IAM permissions. The instance can only be deleted after the setting is explicitly turned off by modifying the instance, which adds a deliberate second step (and a CloudTrail ModifyDBInstance event) between a mistake or a compromised credential and the loss of the database.

  2. skip_final_snapshot = false: This line ensures that a final DB snapshot is created before the DB instance is deleted, giving a recovery point to restore from if the deletion turns out to be accidental. Note that when skip_final_snapshot is false, Terraform also requires final_snapshot_identifier to be set; without it, terraform destroy fails with a validation error instead of deleting the instance.

  3. backup_retention_period = 7: This line sets the number of days for which automated backups are retained. Any positive value enables automated backups (0 disables them). With automated backups, AWS RDS takes a daily snapshot of your data and continuously uploads the transaction logs, and keeps both for the specified number of days. Together these allow you to restore the database to any point in time within the retention period, providing a robust recovery strategy in case of data loss.

Remember, it is also important to implement proper access controls and permissions for the RDS instance and to regularly monitor and review it for any unauthorized changes or deletions. Access control is done through AWS IAM roles and policies (for example, limiting who may call rds:DeleteDBInstance and rds:ModifyDBInstance); monitoring and logging are done through AWS CloudTrail, where a ModifyDBInstance event that turns deletion protection off or a DeleteDBInstance event should be reviewed.
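The monitoring step above can be automated against the AWS SDK mentioned in the context. The following is an added example, not code from the original page: it audits RDS instance descriptions for the two settings the compliant Terraform enforces (deletion protection and a backup retention period) and flags CloudTrail events that remove those safeguards. The instance and event records below are constructed samples in the shape of boto3's describe_db_instances output and CloudTrail's requestParameters; the 7-day minimum retention is an assumed policy value, and the live fetch_db_instances helper is only used when a region is passed on the command line.

```python
"""Audit RDS instances and CloudTrail events for missing deletion safeguards.

Added example (not from the original page). Sample data is constructed.
"""
import sys
from typing import Iterable

MIN_RETENTION_DAYS = 7  # assumed policy minimum for this example

# Constructed records in the shape of rds.describe_db_instances()["DBInstances"].
SAMPLE_DB_INSTANCES = [
    {"DBInstanceIdentifier": "mydb", "DeletionProtection": False, "BackupRetentionPeriod": 0},
    {"DBInstanceIdentifier": "mydb-hardened", "DeletionProtection": True, "BackupRetentionPeriod": 7},
]

# Constructed CloudTrail records (requestParameters mirror the RDS API in camelCase).
SAMPLE_CLOUDTRAIL_EVENTS = [
    {"eventName": "ModifyDBInstance", "userIdentity": {"arn": "arn:aws:iam::123456789012:user/alice"},
     "requestParameters": {"dBInstanceIdentifier": "mydb-hardened", "deletionProtection": False}},
    {"eventName": "ModifyDBInstance", "userIdentity": {"arn": "arn:aws:iam::123456789012:user/bob"},
     "requestParameters": {"dBInstanceIdentifier": "mydb-hardened", "backupRetentionPeriod": 14}},
    {"eventName": "DeleteDBInstance", "userIdentity": {"arn": "arn:aws:iam::123456789012:user/alice"},
     "requestParameters": {"dBInstanceIdentifier": "mydb", "skipFinalSnapshot": True}},
]


def audit_instance(inst: dict, min_retention: int = MIN_RETENTION_DAYS) -> list[str]:
    """Return findings for one instance description; an empty list means compliant."""
    findings = []
    if not inst.get("DeletionProtection", False):
        findings.append("deletion_protection disabled")
    retention = inst.get("BackupRetentionPeriod", 0)
    if retention == 0:
        findings.append("automated backups disabled (BackupRetentionPeriod = 0)")
    elif retention < min_retention:
        findings.append(f"backup retention {retention}d below policy minimum {min_retention}d")
    return findings


def audit_instances(instances: Iterable[dict], min_retention: int = MIN_RETENTION_DAYS) -> dict[str, list[str]]:
    """Map each non-compliant DBInstanceIdentifier to its findings."""
    report = {}
    for inst in instances:
        findings = audit_instance(inst, min_retention)
        if findings:
            report[inst["DBInstanceIdentifier"]] = findings
    return report


def safeguard_removal_events(events: Iterable[dict]) -> list[str]:
    """Describe CloudTrail events that delete an instance or weaken its safeguards."""
    alerts = []
    for ev in events:
        params = ev.get("requestParameters") or {}
        ident = params.get("dBInstanceIdentifier", "?")
        actor = ev.get("userIdentity", {}).get("arn", "?")
        name = ev.get("eventName")
        if name == "DeleteDBInstance":
            detail = "skipping final snapshot" if params.get("skipFinalSnapshot") else "with final snapshot"
            alerts.append(f"{actor} deleted {ident} ({detail})")
        elif name == "ModifyDBInstance":
            if params.get("deletionProtection") is False:
                alerts.append(f"{actor} disabled deletion protection on {ident}")
            if params.get("backupRetentionPeriod") == 0:
                alerts.append(f"{actor} disabled automated backups on {ident}")
    return alerts


def fetch_db_instances(region: str) -> list[dict]:
    """Live variant: page through describe_db_instances with boto3 (import kept local)."""
    import boto3
    rds = boto3.client("rds", region_name=region)
    instances = []
    for page in rds.get_paginator("describe_db_instances").paginate():
        instances.extend(page["DBInstances"])
    return instances


if __name__ == "__main__":
    instances = fetch_db_instances(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE_DB_INSTANCES
    report = audit_instances(instances)
    for ident, findings in report.items():
        print(f"{ident}: " + "; ".join(findings))
    for alert in safeguard_removal_events(SAMPLE_CLOUDTRAIL_EVENTS):
        print("ALERT:", alert)
    sys.exit(1 if report else 0)
```

Run it with no arguments to audit the constructed sample, or with a region name to audit live instances through boto3; a non-zero exit code makes it usable as a CI or scheduled compliance check. The CloudTrail function is written against raw event records so it can be fed from a CloudTrail lookup, an S3 log export, or an EventBridge rule.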
