Profile Applicability:
- Level 1
Description:
Amazon RDS (Relational Database Service) provides various event notifications for RDS clusters, including critical events related to availability, performance, and security. Critical events such as instance failover, storage full alerts, or maintenance notifications need to be subscribed to, so that administrators can be immediately alerted when a critical event occurs.
This SOP ensures that all RDS clusters are configured to receive notifications for critical events. These notifications are essential for maintaining high availability and responding promptly to issues, ensuring that RDS instances and clusters remain operational and secure.
Rationale:
Proactive Monitoring: Subscribing to critical events ensures immediate notifications on issues such as failovers or maintenance tasks, allowing for quick remediation.
High Availability: Critical events need to be monitored closely to ensure that necessary actions (like instance failover or backup issues) are resolved before they impact operations.
Security and Compliance: For compliance with frameworks like SOC 2, PCI-DSS, and HIPAA, it's necessary to ensure that critical system events are captured and responded to promptly.
Operational Efficiency: Being aware of critical events enables a more effective incident response, minimizing downtime and disruptions.
Impact:
Pros:
Faster Issue Resolution: Immediate notification of critical events enables quick remediation, reducing downtime.
Enhanced Monitoring: Proactively monitor your RDS clusters and take necessary actions to maintain availability.
Security: Helps to ensure that critical issues are caught and addressed early, reducing the risk of security vulnerabilities.
Compliance: Critical event subscription helps meet security and operational monitoring requirements for various compliance standards.
Cons:
Alert Fatigue: Too many notifications can lead to alert fatigue if not properly filtered or configured.
Configuration Overhead: Setting up and managing event subscriptions across multiple RDS clusters may require some administrative effort.
Default Value:
By default, Amazon RDS clusters are not subscribed to critical event notifications. You need to explicitly subscribe to these events using either the AWS Console, CLI, or SNS notifications for critical events.
Pre-requisite:
AWS IAM Permissions:
rds:DescribeEventSubscriptions
rds:CreateEventSubscription
sns:Publish
AWS CLI installed and configured.
Ensure an SNS topic exists where event notifications will be published.
Knowledge of the RDS cluster for which you need to configure notifications.
Test Plan:
Using AWS Console:
Sign in to the AWS Management Console.
Navigate to Amazon RDS under Services.
In the RDS Dashboard, go to Event Subscriptions under the Events section.
Review the existing event subscriptions:
Ensure that there is an active subscription for critical events such as instance failover, backup failures, and maintenance updates.
Check if SNS topics are associated with these events to notify appropriate administrators.
If no subscription exists or if the subscription is incomplete, click Create Event Subscription and select the critical events you want to monitor.
Ensure to choose the appropriate SNS topic for notifications.
Using AWS CLI:
To check existing event subscriptions, run:
aws rds describe-event-subscriptions --query 'EventSubscriptionsList[*].[SubscriptionName, SnsTopicArn, Enabled]'
Review the output and ensure there are active subscriptions for critical events.
To create a new event subscription for critical events, run:
aws rds create-event-subscription --subscription-name <subscription-name> --sns-topic-arn <sns-topic-arn> --source-type db-cluster --event-categories "failover", "configuration change", "maintenance", "security"
Verify the subscription using:
aws rds describe-event-subscriptions --subscription-name <subscription-name>
Implementation Steps:
Using AWS Console:
Log in to the AWS Management Console and navigate to Amazon RDS.
Go to Event Subscriptions under the Events section.
Click Create Event Subscription and provide the following information:
Subscription Name: Provide a name for your subscription.
SNS Topic ARN: Select the SNS topic where event notifications will be sent.
Source Type: Select DB Cluster to subscribe to events related to RDS clusters.
Event Categories: Choose the critical event categories (e.g., failover, maintenance, security) you wish to subscribe to.
Click Create Subscription to save the configuration.
Verify that notifications are being sent to the SNS topic by checking CloudWatch Logs or reviewing your email or messaging service for alerts.
Using AWS CLI:
To create an event subscription, run:
aws rds create-event-subscription --subscription-name <subscription-name> --sns-topic-arn <sns-topic-arn> --source-type db-cluster --event-categories "failover", "configuration change", "maintenance", "security"
To verify the subscription, run:
aws rds describe-event-subscriptions --subscription-name <subscription-name>
Ensure that SNS topic ARN is correct and the relevant critical events are being captured.
Backout Plan:
Using AWS Console:
If subscribing to critical RDS cluster events causes issues or unnecessary notifications, sign in to the AWS Management Console.
Navigate to Amazon RDS, select Event Subscriptions, and find the subscription for critical RDS cluster events.
Delete or modify the subscription as needed.
Using AWS CLI:
To remove the event subscription, run the following command:
aws rds delete-event-subscription --subscription-name <SUBSCRIPTION_NAME>
Verify that the subscription has been deleted:
aws rds describe-event-subscriptions --subscription-name <SUBSCRIPTION_NAME>