Medium

Ensure stopped RDS instances are removed

AWS Cost Optimization
Description

The goal of ensuring stopped RDS instances are removed is to avoid incurring unnecessary costs and potential security risks associated with having unused resources. Stopped RDS instances that are not actively being used can still accrue charges for storage, backups, and other associated costs. Additionally, these instances can pose a security risk if they are not properly maintained, monitored, or updated with the latest security patches.

Remediation

To ensure stopped RDS instances are removed, you can follow these remediation steps:

  1. Identify stopped RDS instances:a. Log in to the AWS Management Console.b. Go to the RDS service.c. Click on the "Instances" tab.d. Filter the instances with "stopped" status.
  2. Verify if the RDS instance is required:a. Check if the RDS instance is currently being used by any application or service.b. If the RDS instance is not being used, verify if it has any important data stored in it. If it does, take a backup of the data.
  3. Delete the RDS instance:a. Select the stopped RDS instance.b. Click the "Actions" button and select "Delete."c. Confirm the deletion by typing the RDS instance identifier and clicking the "Delete" button.
  4. Verify deletion:a. Refresh the instances page to check if the instance has been removed.b. If the RDS instance still exists, repeat the above steps to delete it.
  5. Automate deletion:a. To ensure that stopped RDS instances are removed in a timely manner, automate the process of identifying and deleting them.b. AWS offers services like AWS Lambda and Amazon CloudWatch Events, which can be used to automate the deletion process.c. Create a CloudWatch event that triggers a Lambda function to check for stopped RDS instances and delete them if they are not required.
Enforced Resources
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.

Step into the Future of SecOps