More Info:

Checks if an Amazon Neptune cluster is configured to copy all tags to snapshots when the snapshots are created. The rule is NON_COMPLIANT if ‘copyTagsToSnapshot’ is set to false.

Risk Level

Medium

Address

Configuration

Compliance Standards

CBP

Triage and Remediation

Remediation

To enable copying tags to snapshots on a Neptune cluster in AWS RDS using the AWS Management Console, follow these steps:

  1. Sign in to the AWS Management Console: Go to https://aws.amazon.com/ and sign in to the AWS Management Console using your credentials.

  2. Navigate to the Amazon Neptune Console: Click on the “Services” dropdown at the top left corner of the AWS Management Console, then select “Neptune” under the Database category.

  3. Select the Neptune Cluster: From the list of Neptune clusters, click on the name of the cluster that needs to have copy tags for snapshots enabled.

  4. Enable Copy Tags for Snapshots:

    • In the Neptune Cluster dashboard, click on the “Snapshots” tab in the navigation pane on the left.
    • Click on the “Modify” button at the top of the page to modify the cluster settings.
    • In the Modify cluster page, scroll down to the “Backup” section.
    • Look for the option “Copy tags to snapshots” and check the box to enable this feature.
    • Click on the “Apply immediately” checkbox if you want the changes to take effect immediately.
    • Click on the “Modify Cluster” button to save the changes.
  5. Verify Configuration:

    • Once the modification is complete, go back to the Neptune Cluster dashboard.
    • Click on the “Snapshots” tab again and select an existing snapshot or create a new one.
    • Verify that the tags from the Neptune Cluster are copied to the snapshot.

After completing these steps, copy tags to snapshots is enabled for the Neptune cluster in AWS RDS.
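The same check and fix can be scripted across a region. The following is an added example, not part of the original rule text: it evaluates the `CopyTagsToSnapshot` field of `describe_db_clusters` output and optionally enables it with `modify_db_cluster`. The cluster names and sample response are constructed, and treating a missing field as non-compliant is an assumption.

```python
"""Added example: audit and fix CopyTagsToSnapshot on Neptune clusters."""

# Constructed sample shaped like a describe_db_clusters response (not real data).
SAMPLE_RESPONSE = {
    "DBClusters": [
        {"DBClusterIdentifier": "graph-prod", "Engine": "neptune", "CopyTagsToSnapshot": False},
        {"DBClusterIdentifier": "graph-dev", "Engine": "neptune", "CopyTagsToSnapshot": True},
        {"DBClusterIdentifier": "graph-legacy", "Engine": "neptune"},  # field absent
        {"DBClusterIdentifier": "orders-db", "Engine": "aurora-mysql", "CopyTagsToSnapshot": False},
    ]
}


def non_compliant_clusters(response):
    """Return identifiers of Neptune clusters that do not copy tags to snapshots."""
    return [
        c["DBClusterIdentifier"]
        for c in response.get("DBClusters", [])
        # Other engines can share this control plane, so check Engine explicitly.
        # Assumption: a missing CopyTagsToSnapshot field counts as false.
        if c.get("Engine") == "neptune" and not c.get("CopyTagsToSnapshot", False)
    ]


def audit_and_remediate(region, fix=False):
    """List non-compliant clusters in a region; enable the setting when fix=True."""
    import boto3  # imported lazily so the evaluation logic above runs offline

    client = boto3.client("neptune", region_name=region)
    kwargs = {"Filters": [{"Name": "engine", "Values": ["neptune"]}]}
    flagged = []
    while True:  # follow Marker until every page has been read
        page = client.describe_db_clusters(**kwargs)
        flagged.extend(non_compliant_clusters(page))
        if not page.get("Marker"):
            break
        kwargs["Marker"] = page["Marker"]
    if fix:
        for cluster_id in flagged:
            client.modify_db_cluster(
                DBClusterIdentifier=cluster_id,
                CopyTagsToSnapshot=True,
                ApplyImmediately=True,
            )
    return flagged


if __name__ == "__main__":
    print(non_compliant_clusters(SAMPLE_RESPONSE))
```

Snapshots taken before the setting was enabled do not gain tags retroactively, so verify with a snapshot created after the change.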