この記事は公開されてから1年以上経過しています。情報が古い可能性がありますので、ご注意ください。
Hello, I am Adarsh Parakh This is AWS latest update to help monitor their RDS workload for any threats or malicious activities using GuardDuty
Amazon GuardDuty adds threat detection for RDS databases, starting with Amazon Aurora. Once enabled GuardDuty begins to profile and monitor login activity to existing and new databases in your account. GuardDuty administrators can enable the feature for member accounts. During the public preview GuardDuty RDS Protection is available at no additional costs.
https://docs.aws.amazon.com/guardduty/latest/ug/rds-protection.html
Many organisations rely on RDS to store critical data and power applications that require a high-performance database, getting GuardDuty threat detection support will give these organisations more comfort in using RDS Aurora for their important data.
Let's try it
It really is just one click.
How does it work?
GuardDuty analize unusual failed or successful access patterns, based on its learnings if a pattern seems unusual it generates a finding in GuardDuty
What information can you find?
It provides you with the login activities in your Account.
Supported Databases
Currently, Guard Duty supports the following Aurora database versions:
- Aurora MySQL versions 2.10.2 and 3.2.1 or higher.
- Aurora PostgreSQL versions 10.17, 11.12, 12.7, 13.3, and 14.3 or higher.
Conclusion
AWS GuardDuty helps continuously detect threats and malicious activities and unauthorized behavior to protect AWS accounts, and now it can do the same for your RDS Aurora workloads.
Reference
https://docs.aws.amazon.com/guardduty/latest/ug/rds-protection.html
12
