More Info:

RDS instances should use the Copy Tags to Snapshots feature so that tags set on database instances are automatically copied to any automated or manual RDS snapshots created from those instances.

Risk Level

Low

Address

Cost Optimisation

Compliance Standards

CBP

Triage and Remediation

Remediation

To remediate the misconfiguration of RDS instances not making use of Copy Tags in AWS, you can follow these steps using the AWS Management Console:

  1. Sign in to the AWS Management Console: Go to https://aws.amazon.com/ and sign in to your AWS account.

  2. Navigate to the RDS Console: Click on the “Services” dropdown menu at the top of the page, select “RDS” under the Database category. This will take you to the Amazon RDS dashboard.

  3. Select the RDS Instance: From the list of RDS instances, select the instance that you want to enable Copy Tags for by clicking on its identifier.

  4. Enable Copy Tags: In the RDS instance details page, scroll down to the “Details” section. Under the “Settings” tab, find the “Maintenance” section.

  5. Modify Maintenance Settings: Click on the “Modify” button to adjust the maintenance settings for the RDS instance.

  6. Enable Copy Tags Option: In the Modify DB Instance window, scroll down to the “Backup” section. Look for the “Copy Tags to Snapshots” option and check the box next to it to enable this feature.

  7. Save Changes: Scroll to the bottom of the page and click on the “Continue” button. Review the changes you have made, then click on the “Modify DB Instance” button to save the changes.

  8. Monitor the Modification: The modification process will start, and you can monitor the progress in the RDS console. Once the modification is complete, the RDS instance will now copy tags to snapshots.

By following these steps, you have successfully remediated the misconfiguration of RDS instances not making use of Copy Tags in AWS.
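The same check and fix can be scripted for every instance in a region. The following is an added example, not part of the original remediation guide: it assumes boto3 with credentials and a default region already configured, and the function name `audit_copy_tags` and the `--fix` flag are made up for illustration.

```python
"""Audit RDS instances for CopyTagsToSnapshot and optionally enable it."""


def audit_copy_tags(rds, fix=False):
    """Return (noncompliant, cluster_managed, fixed) lists of instance IDs.

    `rds` is a boto3 RDS client, or any object exposing the same methods.
    """
    noncompliant, cluster_managed, fixed = [], [], []
    paginator = rds.get_paginator("describe_db_instances")
    for page in paginator.paginate():
        for db in page["DBInstances"]:
            if db.get("CopyTagsToSnapshot", False):
                continue  # already compliant
            ident = db["DBInstanceIdentifier"]
            # Cluster members (for example Aurora) take this setting from the
            # DB cluster, so they are reported separately and not modified.
            if db.get("DBClusterIdentifier"):
                cluster_managed.append(ident)
                continue
            noncompliant.append(ident)
            # Instances that are not "available" may reject the change,
            # so they are reported but left for a later run.
            if fix and db.get("DBInstanceStatus") == "available":
                # ApplyImmediately is deliberately not set, so any other
                # pending modifications stay queued for the maintenance window.
                rds.modify_db_instance(
                    DBInstanceIdentifier=ident,
                    CopyTagsToSnapshot=True,
                )
                fixed.append(ident)
    return noncompliant, cluster_managed, fixed


if __name__ == "__main__":
    import sys

    import boto3  # imported here so the audit function has no hard dependency

    found, skipped, changed = audit_copy_tags(
        boto3.client("rds"), fix="--fix" in sys.argv
    )
    print("Copy Tags to Snapshots disabled:", found)
    print("Cluster-managed (check the DB cluster setting):", skipped)
    print("Enabled in this run:", changed)
```

Run it without arguments for a read-only report, and with `--fix` to enable the setting on the instances it lists.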

Additional Reading: