🛡️ AWS RDS Aurora Cluster Multi-AZ Deployment is not enabled🟢

  • Contextual name: 🛡️ Aurora Cluster Multi-AZ Deployment is not enabled🟢
  • ID: /ce/ca/aws/rds/aurora-cluster-multi-az-deployment
  • Tags:
  • Policy Type: COMPLIANCE_POLICY
  • Policy Categories: RELIABILITY

Description

This policy identifies AWS RDS Aurora Clusters that are not configured for Multi-AZ deployment. In Amazon Aurora, Multi-AZ is achieved by provisioning at least one Aurora Replica in a different Availability Zone from the primary instance.

Rationale

Multi-AZ deployment is a critical best practice for production database workloads. In the event of a primary instance failure, Amazon Aurora automatically fails over to an available Aurora Replica located in a separate AZ. While Aurora replicates data across multiple AZs at the storage layer by default, deploying instances across multiple AZs ensures resilience at the compute layer as well.

Failover typically completes within approximately 30 seconds, and because Aurora uses shared, distributed storage, the failover process does not result in data loss.

Impact

Multi-AZ deployments may increase costs due to the additional compute resources required to maintain Aurora Replicas. However, for business-critical applications, the improved availability and reduced risk of downtime generally outweigh the associated costs.

Remediation

Enable Multi-AZ for an Aurora Cluster

To enable Multi-AZ deployment for an Amazon Aurora cluster, provision at least one Aurora Replica in a different Availability Zone than the primary instance. This ensures high availability at the compute layer and allows automatic failover in the event of an instance or AZ failure.

Multi-AZ for Aurora is achieved by adding a reader instance to the existing cluster and placing it in a separate AZ.

From Command Line

Use the create-db-instance command to add an Aurora Replica to the cluster. Ensure that the replica is created in a different Availability Zone than the primary instance.

aws rds create-db-instance \
  --db-instance-identifier {{replica-instance-id}} \
  --db-cluster-identifier {{cluster-name}} \
  --engine {{aurora-postgresql}} \
  --db-instance-class {{db.r5.large}} \
  --availability-zone {{us-east-1b}}

Considerations
  • The Availability Zone specified for the replica must differ from the primary instance’s AZ.
  • Instance class and engine type must be compatible with the existing Aurora cluster.
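
One way to check a cluster against this policy before and after adding the replica, as an added example that is not Cloudaware's policy logic or AWS code. It reads JSON in the shape returned by aws rds describe-db-clusters and aws rds describe-db-instances; the function name is hypothetical and the cluster data below is constructed.

```python
import json

# Constructed sample data in the shape returned by
# `aws rds describe-db-clusters` and `aws rds describe-db-instances`.
CLUSTERS = json.loads("""{"DBClusters": [
  {"DBClusterIdentifier": "orders", "Engine": "aurora-postgresql",
   "DBClusterMembers": [
     {"DBInstanceIdentifier": "orders-1", "IsClusterWriter": true},
     {"DBInstanceIdentifier": "orders-2", "IsClusterWriter": false}]},
  {"DBClusterIdentifier": "billing", "Engine": "aurora-postgresql",
   "DBClusterMembers": [
     {"DBInstanceIdentifier": "billing-1", "IsClusterWriter": true},
     {"DBInstanceIdentifier": "billing-2", "IsClusterWriter": false}]},
  {"DBClusterIdentifier": "reports", "Engine": "aurora-mysql",
   "DBClusterMembers": [
     {"DBInstanceIdentifier": "reports-1", "IsClusterWriter": true}]}
]}""")
INSTANCES = json.loads("""{"DBInstances": [
  {"DBInstanceIdentifier": "orders-1", "AvailabilityZone": "us-east-1a"},
  {"DBInstanceIdentifier": "orders-2", "AvailabilityZone": "us-east-1b"},
  {"DBInstanceIdentifier": "billing-1", "AvailabilityZone": "us-east-1a"},
  {"DBInstanceIdentifier": "billing-2", "AvailabilityZone": "us-east-1a"},
  {"DBInstanceIdentifier": "reports-1", "AvailabilityZone": "us-east-1c"}
]}""")


def non_multi_az_clusters(clusters, instances):
    """Return {cluster id: reason} for Aurora clusters with no reader outside the writer's AZ."""
    az_of = {i["DBInstanceIdentifier"]: i.get("AvailabilityZone")
             for i in instances["DBInstances"]}
    findings = {}
    for c in clusters["DBClusters"]:
        if not c.get("Engine", "").startswith("aurora"):
            continue  # the policy covers Aurora clusters only
        members = c.get("DBClusterMembers", [])
        writer_azs = {az_of.get(m["DBInstanceIdentifier"])
                      for m in members if m.get("IsClusterWriter")}
        reader_azs = {az_of.get(m["DBInstanceIdentifier"])
                      for m in members if not m.get("IsClusterWriter")}
        reader_azs.discard(None)  # a reader whose AZ is unknown proves nothing
        if not reader_azs:
            findings[c["DBClusterIdentifier"]] = "no Aurora Replica"
        elif reader_azs <= writer_azs:
            findings[c["DBClusterIdentifier"]] = "replicas share the writer's AZ"
    return findings


if __name__ == "__main__":
    for name, reason in non_multi_az_clusters(CLUSTERS, INSTANCES).items():
        print(f"{name}: {reason}")
```

The "billing" case is the one a simple replica count misses: the cluster has a reader, but it sits in the same Availability Zone as the writer.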

Linked Framework Sections

Section | Sub Sections | Internal Rules | Policies | Flags | Compliance
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.15] RDS DB clusters should be configured for multiple Availability Zones 1 no data
💼 Cloudaware Framework → 💼 System Configuration 69 no data
💼 FedRAMP High Security Controls → 💼 CP-6(2) Recovery Time and Recovery Point Objectives (H) 19 no data
💼 FedRAMP High Security Controls → 💼 CP-10 System Recovery and Reconstitution (L)(M)(H) 220 no data
💼 FedRAMP Low Security Controls → 💼 CP-10 System Recovery and Reconstitution (L)(M)(H) 20 no data
💼 FedRAMP Moderate Security Controls → 💼 CP-10 System Recovery and Reconstitution (L)(M)(H) 120 no data
💼 NIST CSF v2.0 → 💼 PR.IR-03: Mechanisms are implemented to achieve resilience requirements in normal and adverse situations 21 no data
💼 NIST CSF v2.0 → 💼 RC.RP-01: The recovery portion of the incident response plan is executed once initiated from the incident response process 20 no data
💼 NIST CSF v2.0 → 💼 RC.RP-02: Recovery actions are selected, scoped, prioritized, and performed 20 no data
💼 NIST CSF v2.0 → 💼 RC.RP-05: The integrity of restored assets is verified, systems and services are restored, and normal operating status is confirmed 20 no data
💼 NIST SP 800-53 Revision 5 → 💼 CP-6(2) Alternate Storage Site _ Recovery Time and Recovery Point Objectives 19 no data
💼 NIST SP 800-53 Revision 5 → 💼 CP-10 System Recovery and Reconstitution 620 no data
💼 NIST SP 800-53 Revision 5 → 💼 SC-5(2) Denial-of-service Protection _ Capacity, Bandwidth, and Redundancy 24 no data
💼 NIST SP 800-53 Revision 5 → 💼 SC-36 Distributed Processing and Storage 212 no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-13(5) Predictable Failure Prevention _ Failover Capability 19 no data