Ensure that your EBS volumes (available or in-use) have recent snapshots (taken weekly) available for point-in-time recovery for a better, more reliable data backup strategy. The threshold for the time frame between the volume snapshots is 7 days, meaning there should be a snapshot taken at least every 7 days.
This rule can help you with the following compliance standards:
This rule can help you work with the AWS Well-Architected Framework
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
Creating point-in-time EBS snapshots periodically will allow you to handle efficiently your data recovery process in the event of a failure, to save your data before shutting down an EC2 instance, to back up data for geographical expansion and to maintain your disaster recovery stack up to date.
Audit
To determine if you have any recent (< 7 days) snapshots available for your EBS volumes, perform the following:
Remediation / Resolution
To maintain your EBS backup stack up-to-date, you need to create new EBS snapshots. To complete the process perform the following:
Note: if you have encrypted EBS volumes, any associated snapshots should remain also protected as the snapshots taken from encrypted volumes are automatically encrypted.References
- AWS Documentation
- Amazon Elastic Block Store (Amazon EBS)
- Amazon EBS Snapshots
- Viewing Amazon EBS Snapshot Information
- Creating an Amazon EBS Snapshot
- AWS Command Line Interface (CLI) Documentation
- describe-snapshots
- create-snapshot
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
for and
Get started for FREE
You are auditing:
EBS Volumes Recent Snapshots
Risk level: Medium