Update relational database controls from markdown to yaml

services/database/relational/controls.yaml

@@ -11,12 +11,12 @@
 
 controls:
   - id: CCC.RDMS.C01
-    title: backup database to alternative trust-zone
+    title: Backup Database to Alternative Trust-Zone
     objective: |
       Ensure that databases are backed up and the backup is outside of the applications trust-zone
     control_family: Data
     threats:
-      - CCC.RDMS.TH14 # DB backup is uninentionally restored
+      - CCC.RDMS.TH14 # DB backup is unintentionally restored
     nist_csf: PR.DS-11
     control_mappings:
       NIST_800_53:
@@ -29,3 +29,47 @@
         tlp_levels:
           - tlp_red
           - tlp_amber
+
+  - id: CCC.RDMS.C02
+    title: Disable Access with Default Credentials
+    objective: |
+      Ensure that default credentials are disabled and only authorized
+      roles can access database resources.
+    control_family: Data
+    nist_csf: PR.AC-5
+    threats:
+      - M1041 # Restrict User Privileges
+    control_mappings:
+      CCM:
+        - IAM-09
+        - IAM-13
+      ISO_27001:
+        - 2013 A.9.2.6
+      NIST_800_53:
+        - AC-17
+    test_requirements:
+      - id: CCC.RDMS.C2.TR01
+        text: Secure Database Access Control
+
+  - id: CCC.RDMS.C03
+    title: Restrict Snapshot Collection To Trusted Roles
+    objective: Limit snapshot collection capabilities to trusted roles.
+    control_family: Data
+    nist_csf: PR.DS-3
+    threats:
+      - M1054 # Restrict Data Access
+    control_mappings:
+      CCM:
+        - DSI-05
+        - DSI-07
+      ISO_27001:
+        - 2013 A.12.3.1
+      NIST_800_53:
+        - CP-09
+    test_requirements:
+      - id: CCC.RDMS.C3.TR01
+        text: Snapshot collection by trusted roles
+      - id: CCC.RDMS.C3.TR02
+        text: Restriction of snapshot collection capabilities
+      - id: CCC.RDMS.C3.TR03
+        text: Prevent unauthorized snapshot collection