Ensure that your RDS database instances have the Auto Minor Version Upgrade flag enabled in order to receive automatically minor engine upgrades during the specified maintenance window. Each version upgrade is available only after is tested and approved by AWS.
This rule can help you with the following compliance standards:
- NIST 800-53 (Rev. 4)
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
AWS RDS will occasionally deprecate minor engine versions and provide new ones for upgrade. When the last version number within the release is replaced (e.g. 5.6.26 to 5.6.27), the version changed is considered minor. With Auto Minor Version Upgrade feature enabled, the version upgrades will occur automatically during the specified maintenance window so your RDS instances can get the new features, bug fixes and security patches for their database engines.
To determine if your RDS instances have Auto Minor Version Upgrade feature enabled, perform the following:
Remediation / Resolution
To update your RDS instances configuration and enable Auto Minor Version Upgrade, perform the following:
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
Get started for FREE
You are auditing:
RDS Auto Minor Version Upgrade
Risk level: Medium