Open menu

AWS DocumentDB Best Practice

Cloud Conformity checks Amazon DocumentDB service according to the following rules:

AWS DocumentDB Clusters Encrypted with KMS CMKs
Ensure that Amazon DocumentDB clusters are encrypted with KMS Customer Master Keys (CMKs).

Enable encryption at rest for AWS DocumentDB clusters
Ensure that Amazon DocumentDB clusters data is encrypted at rest.

Enable AWS DocumentDB Log Exports
Ensure Log Exports feature is enabled for your Amazon DocumentDB clusters.

AWS DocumentDB Sufficient Backup Retention Period
Ensure AWS DocumentDB clusters have a sufficient backup retention period set for compliance purposes.