
Automates RDS encryption for SOC2/CMMC compliance. Includes scripts for creating encrypted RDS snapshots and new instances from these snapshots, enhancing data security. Streamlines compliance and management, offering a robust solution for secure RDS encryption, reducing manual effort.


ZioGuillo/encrypt_rds_pipeline


Encrypt RDS Pipeline

Overview

The encrypt_rds_pipeline project provides a set of Python scripts designed to automate the encryption process of Amazon RDS instances, prioritizing data security and compliance with CMMC and SOC2 requirements. This project helps organizations enhance their security posture by automating the creation of encrypted snapshots of existing RDS instances and launching new RDS instances from these encrypted snapshots, followed by cleaning up old, unencrypted instances and snapshots.

Prerequisites

  • Python 3.x
  • AWS CLI installed and configured with necessary permissions
  • Boto3 library installed (pip install boto3)

Configuration

Ensure your AWS CLI is configured with the correct credentials and default region by running:

aws configure

Usage

Step 1: Create and Encrypt Snapshot

Run the create_and_encrypt_snapshot.py script to create an encrypted snapshot of an existing RDS instance. This step is crucial for meeting the stringent security requirements of CMMC and SOC2 by ensuring data at rest is encrypted.

python create_and_encrypt_snapshot.py

Step 2: Create RDS Instance from Encrypted Snapshot and Cleanup

After the encrypted snapshot is created, run the create_instance_and_cleanup.py script to create a new RDS instance from the encrypted snapshot and clean up the old resources. This step reinforces the commitment to data security and regulatory compliance.

python create_instance_and_cleanup.py
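
Step 2 deletes the original instance, so the check worth making before that deletion is whether the replacement is actually encrypted and available. The following is an added example, not code from this repository; it reads records shaped like the items boto3's describe_db_instances returns, and the function names, sample identifiers and key ARN are assumptions.

```python
# Added example: pre-deletion guard for the cleanup step. It inspects records
# shaped like the items in boto3's rds.describe_db_instances()["DBInstances"].

def cleanup_blockers(old, new, expected_kms_key=None):
    """Return the reasons deleting `old` is not yet safe (empty list = safe)."""
    reasons = []
    if old["DBInstanceIdentifier"] == new["DBInstanceIdentifier"]:
        reasons.append("old and new identifiers refer to the same instance")
    if not new.get("StorageEncrypted"):
        reasons.append("replacement instance is not storage-encrypted")
    if new.get("DBInstanceStatus") != "available":
        reasons.append(f"replacement status is {new.get('DBInstanceStatus')!r}")
    if expected_kms_key and new.get("KmsKeyId") != expected_kms_key:
        reasons.append("replacement is encrypted with an unexpected KMS key")
    if new.get("Engine") != old.get("Engine"):
        reasons.append("engine differs between old and replacement instance")
    return reasons


def check_live(rds, old_id, new_id, expected_kms_key=None):
    """Run the same check against a live client, e.g. boto3.client('rds')."""
    def fetch(instance_id):
        resp = rds.describe_db_instances(DBInstanceIdentifier=instance_id)
        return resp["DBInstances"][0]
    return cleanup_blockers(fetch(old_id), fetch(new_id), expected_kms_key)


# Constructed sample records (identifiers, account id and key ARN are placeholders).
KEY = "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"
OLD = {"DBInstanceIdentifier": "appdb", "Engine": "postgres",
       "StorageEncrypted": False, "DBInstanceStatus": "available"}
NEW_READY = {"DBInstanceIdentifier": "appdb-encrypted", "Engine": "postgres",
             "StorageEncrypted": True, "KmsKeyId": KEY,
             "DBInstanceStatus": "available"}
NEW_RESTORING = dict(NEW_READY, DBInstanceStatus="creating")
NEW_PLAINTEXT = dict(NEW_READY, StorageEncrypted=False, KmsKeyId=None)

if __name__ == "__main__":
    for label, new in [("ready", NEW_READY), ("restoring", NEW_RESTORING),
                       ("plaintext", NEW_PLAINTEXT)]:
        blockers = cleanup_blockers(OLD, new, expected_kms_key=KEY)
        print(label, "->", "safe to delete old instance" if not blockers else blockers)
```

An empty list from cleanup_blockers is the condition under which deleting the old instance and its unencrypted snapshot is reasonable; anything else should stop the cleanup.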

Scripts

  • create_and_encrypt_snapshot.py: Lists RDS instances, creates a snapshot of the selected instance, and then creates an encrypted copy of the snapshot, adhering to security and compliance standards.
  • create_instance_and_cleanup.py: Takes the last encrypted snapshot as input, creates a new RDS instance from this snapshot, and cleans up the old RDS instance and snapshot, maintaining the integrity and security of the data.

Security and Compliance

This project emphasizes the importance of data security and compliance with standards like CMMC and SOC2. By automating the encryption of RDS instances, it ensures that sensitive data is protected, thereby supporting organizations in meeting their security and regulatory obligations.

Contributing

Feel free to fork the repository and submit pull requests to contribute to the project.

License

Specify your license here or indicate if the project is open source.
