Ensure that your RDS database instances have set a minimum backup retention period in order to achieve the compliance requirements. Cloud Conformity recommends a minimum (default) retention period of 7 (seven) days but you can adjust the minimumRetentionPeriod parameter value to narrow or extend the default retention period (AWS RDS allows a maximum retention period of thirty five days).
This rule can help you with the following compliance standards:
This rule can help you work with the AWS Well-Architected Framework
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
Having a minimum retention period set for RDS database instances will enforce your backup strategy to follow the best practices as specified in the compliance regulations. Retaining point-in-time RDS snapshots for a longer period of time will allow you to handle more efficiently your data restoration process in the event of failure.
Note: This guide will use 7 days (recommended) as the threshold for the minimum backup retention period. However, you can adjust anytime the number of days to suit your requirements.
To determine if your RDS instances have the sufficient backup retention period (≥ 7 days) set for automated backups, perform the following:
To update your RDS instances automated backups configuration and extend the retention period, perform the following: