Question 1

Is backup_retention_period enforced for NYDFS Cybersecurity Regulation?

Accepted Answer

Yes, The backup feature of AWS RDS creates backups of your databases and transaction logs.

Question 2

Is cloudwatch_log_group_kms_key_id enforced for NYDFS Cybersecurity Regulation?

Accepted Answer

Yes, To help protect sensitive data at rest, ensure encryption is enabled for your AWS CloudWatch Log Group.

Question 3

Is cloudwatch_log_group_retention_in_days enforced for NYDFS Cybersecurity Regulation?

Accepted Answer

Yes, Ensure a minimum duration of event log data is retained for your log groups to help with troubleshooting and forensics investigations.

Question 4

Is deletion_protection enforced for NYDFS Cybersecurity Regulation?

Accepted Answer

Yes, Ensure AWS Relational Database Service (AWS RDS) instances have deletion protection enabled.

Question 5

Is enabled_cloudwatch_logs_exports enforced for NYDFS Cybersecurity Regulation?

Accepted Answer

Yes, To help with logging and monitoring within your environment, ensure AWS Relational Database Service (AWS RDS) logging is enabled.

Question 6

Is monitoring_interval enforced for NYDFS Cybersecurity Regulation?

Accepted Answer

Yes, Enable AWS Relational Database Service (AWS RDS) to help monitor AWS RDS availability. This provides detailed visibility into the health of your AWS RDS database instances.

Question 7

Is multi_az enforced for NYDFS Cybersecurity Regulation?

Accepted Answer

Yes, Multi-AZ support in AWS Relational Database Service (AWS RDS) provides enhanced availability and durability for database instances.

Question 8

Is publicly_accessible enforced for NYDFS Cybersecurity Regulation?

Accepted Answer

Yes, Manage access to resources in the AWS Cloud by ensuring that AWS Relational Database Service (AWS RDS) instances are not public.

Question 9

Is storage_encrypted enforced for NYDFS Cybersecurity Regulation?

Accepted Answer

Yes, To help protect data at rest, ensure that encryption is enabled for your AWS Relational Database Service (AWS RDS) instances.

AWS RDS Terraform module

Terraform Module Source