💼 [RDS.9] RDS DB instances should publish logs to CloudWatch Logs

• ID: /frameworks/aws-fsbp-v1.0.0/rds/09

Description

RDS databases should have relevant logs enabled. Database logging provides detailed records of requests made to RDS. Database logs can assist with security and access audits and can help to diagnose availability issues.

Similar

• AWS Security Hub
  • https://docs.aws.amazon.com/securityhub/latest/userguide/rds-controls.html#rds-9
• Internal
  • ID: dec-c-c47b2f23

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST SP 800-53 Revision 5 → 💼 AC-2(4) Account Management _ Automated Audit Actions		14	16		no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-4(26) Information Flow Enforcement _ Audit Filtering Actions			9		no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-6(9) Least Privilege _ Log Use of Privileged Functions		17	19		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-2 Event Logging	4		17		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-3 Content of Audit Records	3	13	28		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-6(3) Audit Record Review, Analysis, and Reporting _ Correlate Audit Record Repositories			8		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-6(4) Audit Record Review, Analysis, and Reporting _ Central Review and Analysis			8		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-10 Non-repudiation	5		7		no data
💼 NIST SP 800-53 Revision 5 → 💼 AU-12 Audit Record Generation	4	47	65		no data
💼 NIST SP 800-53 Revision 5 → 💼 CA-7 Continuous Monitoring	6		13		no data
💼 NIST SP 800-53 Revision 5 → 💼 SC-7(9) Boundary Protection _ Restrict Threatening Outgoing Communications Traffic			14		no data
💼 NIST SP 800-53 Revision 5 → 💼 SC-7(10) Boundary Protection _ Prevent Exfiltration			6		no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-3(8) Malicious Code Protection _ Detect Unauthorized Commands			6		no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-4(20) System Monitoring _ Privileged Users			5		no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-7(8) Software, Firmware, and Information Integrity _ Auditing Capability for Significant Events			8		no data
💼 PCI DSS v4.0.1 → 💼 10.2.1 Audit logs are enabled and active for all system components and cardholder data.	7		27		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance