Amazon RDS
      Back to home
      1. CNS Policies
      2. AWS Knowledge Base
      3. Amazon RDS

      RDS DocumentDB Minor Version Upgrade Disabled

      Risk Level: LOW

      Description:

      On RDS and DocumentDB databases, this plugin guarantees that Auto Minor Version Upgrade is enabled. RDS enables automatically upgrading the database's minor version, which should be enabled to guarantee that security fixes are deployed rapidly.


      Recommended Action: Enable automatic minor version upgrades on RDS and DocumentDB databases.

      About the Service :

      Amazon RDS (Amazon Relational Database Service) makes it simple to set up, run, and scale a relational database in the cloud. It offers scalable capacity at a low cost while automating time-consuming administrative activities including hardware provisioning, database setup, patching, and backups. 


      Impact: 

      If your RDs Database Instances do not have Auto Minor Version Upgrade flag enabled, you will not receive automatic minor engine updates during the specified maintenance window.

      Steps to reproduce :

      1. .Sign in to your AWS management console.
      2. Navigate to the RDS dashboard at: https://console.aws.amazon.com/rds/
      3. On the left navigation panel, under RDS Dashboard, select Databases.
      4. Select the RDS instance that you want to examine.
      5. Under the Maintainance and backups section, scroll down and check the status of Auto Minor Version Upgrade.
      6. If the current status is set to Disabled, the feature is currently disabled for your selected RDS database instance.
      7. Repeat steps no. 4 – 7 for each RDS instance provisioned in the current region as well as in other AWS regions.

      Steps for remediation :

      1. .Sign in to your AWS management console.
      2. Navigate to the RDS dashboard at: https://console.aws.amazon.com/rds/
      3. On the left navigation panel, under RDS Dashboard, select Databases.
      4. Select the RDS instance that you want to reconfigure.
      5. Click on Modify.
      6. On the Modify DB Instance page that appears, scroll down to Additional Configurations. 
      7. Under Maintainance, select the checkbox for Enable Auto Minor Version Upgrade option.
      8. Click on Continue.
      9. On the next page that appears, select Apply Immediately.
      10. Click on Modify DB Instance, the changes will be applied.
      11. Repeat steps no. 4 – 11 for each RDS instance that you want to reconfigure provisioned in the current region as well as in other AWS regions.







      References: