Description: 

Amazon Relational Database Service (Amazon RDS) is a web service that makes it easier to set up, operate, and scale a relational database in the AWS Cloud. It provides cost-efficient, resizable capacity for an industry-standard relational database and manages common database administration tasks. Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information.


Rationale: 

It is recommended that RDS snapshots not be publicly accessible, in order to prevent potential leaks or misuse of sensitive data and other security threats.


Remediation: Steps to make the RDS snapshots private.

  1. Open the Amazon RDS console.
  2. Choose Snapshots from the left navigation pane.
  3. Choose the DB snapshot that you want to copy.
  4. Choose Actions, and then choose Share Snapshot.
  5. Set the DB snapshot visibility to Private. Private permits only AWS accounts that you specify to restore a DB instance from your manual DB snapshot.
  6. In the AWS Account ID field, enter the ID of the AWS account that you want to permit to restore a DB instance from your manual DB snapshot, and then choose Add.

     Note: You can repeat this step to share snapshots with up to 20 AWS accounts.

  7. Choose Save.
  8. To stop sharing a snapshot with an AWS account, select the Delete check box next to the account ID in the Manage Snapshot Permissions pane, and then choose Save.
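The console procedure above can also be checked and applied programmatically against the RDS API. The following Python is an added example, not part of this control text and not AWS code. It assumes the response shape of boto3's describe_db_snapshot_attributes and the parameters of modify_db_snapshot_attribute (the "restore" attribute lists account IDs allowed to restore, and the value "all" means public); the snapshot names, the 12-digit account ID and the FakeRDS stand-in are constructed placeholders so the script runs offline.

```python
"""Audit RDS manual snapshots for public restore permission and make them private.

Added example for this control; not part of the original page and not AWS code.
It models the API shapes used by boto3's describe_db_snapshot_attributes and
modify_db_snapshot_attribute: the "restore" attribute lists the AWS account IDs
allowed to restore the snapshot, and the special value "all" means any AWS
account, i.e. the snapshot is public.
"""
from typing import Any, Dict, List, Optional

PUBLIC_MARKER = "all"     # AWS sentinel value meaning "every AWS account"
RESTORE_ATTR = "restore"  # the only shareable snapshot attribute


def restore_accounts(response: Dict[str, Any]) -> List[str]:
    """Extract the 'restore' values from a describe_db_snapshot_attributes response."""
    attrs = response["DBSnapshotAttributesResult"]["DBSnapshotAttributes"]
    for attr in attrs:
        if attr.get("AttributeName") == RESTORE_ATTR:
            return list(attr.get("AttributeValues", []))
    return []


def is_public(response: Dict[str, Any]) -> bool:
    """A snapshot is public when 'all' appears among the accounts allowed to restore it."""
    return PUBLIC_MARKER in restore_accounts(response)


def remediation_params(snapshot_id: str) -> Dict[str, Any]:
    """Parameters for modify_db_snapshot_attribute that revoke public restore access.

    Only 'all' is removed; account IDs shared explicitly (step 6 above) stay in place.
    """
    return {
        "DBSnapshotIdentifier": snapshot_id,
        "AttributeName": RESTORE_ATTR,
        "ValuesToRemove": [PUBLIC_MARKER],
    }


def audit_and_fix(rds: Any, snapshot_ids: List[str], fix: bool = False) -> Dict[str, str]:
    """Return {snapshot_id: 'private' | 'public' | 'fixed'}; with fix=True, public ones are made private."""
    results: Dict[str, str] = {}
    for sid in snapshot_ids:
        resp = rds.describe_db_snapshot_attributes(DBSnapshotIdentifier=sid)
        if not is_public(resp):
            results[sid] = "private"
        elif fix:
            rds.modify_db_snapshot_attribute(**remediation_params(sid))
            results[sid] = "fixed"
        else:
            results[sid] = "public"
    return results


class FakeRDS:
    """Offline stand-in for boto3.client('rds') holding constructed snapshot permissions."""

    def __init__(self, permissions: Dict[str, List[str]]) -> None:
        self.permissions = {k: list(v) for k, v in permissions.items()}

    def describe_db_snapshot_attributes(self, DBSnapshotIdentifier: str) -> Dict[str, Any]:
        return {
            "DBSnapshotAttributesResult": {
                "DBSnapshotIdentifier": DBSnapshotIdentifier,
                "DBSnapshotAttributes": [
                    {"AttributeName": RESTORE_ATTR,
                     "AttributeValues": list(self.permissions[DBSnapshotIdentifier])},
                ],
            }
        }

    def modify_db_snapshot_attribute(self, DBSnapshotIdentifier: str, AttributeName: str,
                                     ValuesToAdd: Optional[List[str]] = None,
                                     ValuesToRemove: Optional[List[str]] = None) -> Dict[str, Any]:
        current = self.permissions[DBSnapshotIdentifier]
        removed = set(ValuesToRemove or [])
        current[:] = [v for v in current if v not in removed] + list(ValuesToAdd or [])
        return self.describe_db_snapshot_attributes(DBSnapshotIdentifier)


# Constructed sample data: snapshot names and the account ID are placeholders.
SAMPLE_PERMISSIONS: Dict[str, List[str]] = {
    "prod-db-snap-2024-01-01": ["all", "123456789012"],  # public AND shared with one account
    "prod-db-snap-2024-01-02": ["123456789012"],         # shared with one account only
    "prod-db-snap-2024-01-03": [],                        # not shared at all
}


def run_sample(fix: bool = True) -> Dict[str, str]:
    """Run the audit against a fresh copy of the constructed sample."""
    return audit_and_fix(FakeRDS(SAMPLE_PERMISSIONS), list(SAMPLE_PERMISSIONS), fix=fix)


if __name__ == "__main__":
    # Against a real account, replace FakeRDS with boto3.client("rds") and take the
    # identifiers from describe_db_snapshots(SnapshotType="manual"); only manual
    # snapshots can be shared, so automated snapshots need no check.
    print(run_sample(fix=False))
    print(run_sample(fix=True))
```

Removing only the "all" value mirrors step 8 for the public grant while leaving the explicitly shared account IDs from step 6 intact; run with fix=False first to get a report, then with fix=True to apply the change.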


References: 

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Welcome.html 

https://aws.amazon.com/premiumsupport/knowledge-center/rds-snapshots-share-account/