Terraform AWS RDS
Terraform module which creates RDS resources on AWS with comprehensive features including Multi-AZ deployments, read replicas, automated backups, encryption, and CloudWatch alarms.
Implemented Controls
The following compliance controls are implemented in this module.
- RDS DB instance and cluster enhanced monitoring should be enabled
- RDS databases and clusters should not use a database engine default port
- RDS DB instance automatic minor version upgrade should be enabled
- RDS DB instance backup should be enabled
- RDS DB instances backup retention period should be greater than or equal to 7 days
- RDS DB instances should be integrated with CloudWatch logs
- RDS DB instances should be configured to copy tags to snapshots
- RDS DB instances should have deletion protection enabled
- RDS DB instance encryption at rest should be enabled
- RDS DB instances should have IAM authentication enabled
- RDS instances should be deployed in a VPC
- Database logging should be enabled
- RDS for MariaDB DB instances should publish logs to CloudWatch Logs
- RDS DB instance Multi-AZ should be enabled
- RDS database instances should use a custom administrator username
- RDS DB instances should not use public subnet
- RDS for PostgreSQL DB instances should publish logs to CloudWatch Logs
- RDS DB instances should prohibit public access
- RDS for SQL Server DB instances should publish logs to CloudWatch Logs
Compliance.tf registry endpoints
Every endpoint serves the same module; only the registry hostname (the framework prefix) differs. Replace `<framework>` with one of the hostnames listed below:

```hcl
module "rds" {
  source  = "<framework>.compliance.tf/terraform-aws-modules/rds/aws"
  version = "<version>"
  # ... your arguments here
}
```

Available registry hostnames:

- acscessentialeight.compliance.tf
- acscism2023.compliance.tf
- awscontroltower.compliance.tf
- awsgenai.compliance.tf
- awswellarchitected.compliance.tf
- cccsmedium.compliance.tf
- cfrpart11.compliance.tf
- cis.compliance.tf
- cisv500.compliance.tf
- cisv600.compliance.tf
- cisv80ig1.compliance.tf
- cisacyberessentials.compliance.tf
- eugmpannex11.compliance.tf
- fedramplow.compliance.tf
- fedrampmoderate.compliance.tf
- ffiec.compliance.tf
- gdpr.compliance.tf
- hipaa.compliance.tf
- iso27001.compliance.tf
- nist800171.compliance.tf
- nist80053.compliance.tf
- nistcsf.compliance.tf
- nydfs23.compliance.tf
- pcidss.compliance.tf
- rbicybersecurity.compliance.tf
- rbiitfnbfc.compliance.tf
- soc2.compliance.tf
See the Technical Usage Guide to get started and read the Features section for more details on how to customize the module for your requirements.
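A complete module call that sets the arguments behind each of the implemented controls listed above (encryption at rest, Multi-AZ, 7-day backups, deletion protection, non-default port, custom administrator username, IAM authentication, enhanced monitoring, CloudWatch log export, private placement). This is an added example, not code from the compliance.tf registry or the upstream module's own documentation; the identifier, subnet group name, security group id, KMS key ARN and monitoring role name are assumed placeholders to replace with your own.

```hcl
module "rds" {
  source  = "cis.compliance.tf/terraform-aws-modules/rds/aws"
  version = "<version>"

  identifier = "app-postgres" # assumed name

  engine               = "postgres"
  engine_version       = "16"
  family               = "postgres16" # DB parameter group family
  major_engine_version = "16"         # DB option group
  instance_class       = "db.t4g.medium"
  allocated_storage    = 50

  db_name                     = "app"
  username                    = "app_admin" # custom admin username, not the engine default
  manage_master_user_password = true        # master password generated and kept in Secrets Manager
  port                        = 5433        # non-default port (PostgreSQL default is 5432)

  # Network placement: private subnets only, no public endpoint (assumed ids)
  db_subnet_group_name   = "app-private-db-subnets"
  vpc_security_group_ids = ["sg-0123456789abcdef0"]
  publicly_accessible    = false

  # Encryption at rest with a customer-managed key (assumed ARN)
  storage_encrypted = true
  kms_key_id        = "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"

  # Availability, durability and accidental-deletion guards
  multi_az                = true
  backup_retention_period = 7 # days
  copy_tags_to_snapshot   = true
  deletion_protection     = true
  skip_final_snapshot     = false

  # Database logging and enhanced monitoring
  enabled_cloudwatch_logs_exports = ["postgresql", "upgrade"]
  create_cloudwatch_log_group     = true
  create_monitoring_role          = true
  monitoring_interval             = 60 # seconds; 0 disables enhanced monitoring
  monitoring_role_name            = "app-postgres-rds-monitoring" # assumed name

  # Access control and patching
  iam_database_authentication_enabled = true
  auto_minor_version_upgrade          = true
}
```

Any of the other registry hostnames on this page can be substituted in `source`; the argument set stays the same because the module is identical across endpoints.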
Mapped compliance frameworks
ISM-1580: Availability planning and monitoring for online services
CT-4.0.1: 4.0.1 - Disallow public access to RDS database instances
CP-6(1): Separation from Primary Site
2.2.1 Ensure that encryption-at-rest is enabled for RDS Instances
2.2.2 Ensure the Auto Minor Version Upgrade feature is enabled for RDS instances
2.2.3 Ensure that RDS instances are not publicly accessible
2.2.4 Ensure Multi-AZ deployments are used for enhanced availability in Amazon RDS
3.2.1 Ensure that encryption-at-rest is enabled for RDS instances
3.2.2 Ensure the Auto Minor Version Upgrade feature is enabled for RDS instances
3.2.3 Ensure that RDS instances are not publicly accessible
3.2.4 Ensure Multi-AZ deployments are used for enhanced availability in Amazon RDS
- RDS DB instance and cluster enhanced monitoring should be enabled
- RDS DB instance backup should be enabled
- RDS DB instances should have deletion protection enabled
- RDS DB instance encryption at rest should be enabled
- Database logging should be enabled
- RDS DB instance Multi-AZ should be enabled
- RDS DB instances should prohibit public access
- RDS DB instance and cluster enhanced monitoring should be enabled
- RDS DB instance backup should be enabled
- RDS DB instances should have deletion protection enabled
- RDS DB instance encryption at rest should be enabled
- RDS DB instances should have IAM authentication enabled
- Database logging should be enabled
- RDS DB instance Multi-AZ should be enabled
- RDS DB instances should prohibit public access
A.9.4.2: Secure log-on procedures
- RDS DB instance and cluster enhanced monitoring should be enabled
- RDS DB instance backup should be enabled
- RDS DB instances should have deletion protection enabled
- RDS DB instance encryption at rest should be enabled
- RDS DB instances should have IAM authentication enabled
- Database logging should be enabled
- RDS DB instance Multi-AZ should be enabled
- RDS DB instances should prohibit public access
- RDS DB instance and cluster enhanced monitoring should be enabled
- RDS DB instance backup should be enabled
- RDS DB instances should have deletion protection enabled
- RDS DB instance encryption at rest should be enabled
- Database logging should be enabled
- RDS DB instance Multi-AZ should be enabled
- RDS DB instances should prohibit public access
7.3.1: Access to system components and data is managed via an access control system(s).