CCSS (Common Configuration Scoring System) is a set of measures used to determine the severity of the rule.
Each rule is associated with a high-level category. For example IAM, Container, Monitoring, Logging, Network, etc.
Is your environment affected by this misconfiguration?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-CC-00725
- creditSnyk Research Team
Description
Enabling the Auto Minor Version Upgrade feature for RDS instances ensures that the database engine automatically applies minor version upgrades as they become available. This helps to keep the database engine up to date with the latest bug fixes, security patches, and performance improvements. Failure to enable this feature may result in running outdated versions of the database engine, which can expose the instances to known vulnerabilities and potential security risks. Enabling Auto Minor Version Upgrade helps to mitigate these risks and ensures that the RDS instances are running on the latest stable version of the database engine.
How to fix?
Set the auto_minor_version_upgrade attribute to true.
Example configuration:
resource "aws_db_instance" "example" {
auto_minor_version_upgrade = true
}