Ensure that your RDS database instances have set a minimum backup retention period in order to achieve the compliance requirements. Cloud Conformity recommends a minimum (default) retention period of 7 (seven) days but you can adjust the minimumRetentionPeriod parameter value to narrow or extend the default retention period (AWS RDS allows a maximum retention period of thirty five days).
Having a minimum retention period set for RDS database instances will enforce your backup strategy to follow the best practices as specified in the compliance regulations. Retaining point-in-time RDS snapshots for a longer period of time will allow you to handle more efficiently your data restoration process in the event of failure. Note: This guide will use 7 days (recommended) as the threshold for the minimum backup retention period. However, you can adjust anytime the number of days to suit your requirements.
To determine if your RDS instances have the sufficient backup retention period (≥ 7 days) set for automated backups, perform the following:
To update your RDS instances automated backups configuration and extend the retention period, perform the following: