Best practice rules for Amazon DocumentDB
Trend Micro Cloud One™ – Conformity monitors Amazon DocumentDB with the following rules:
- DocumentDB Clusters Encrypted with KMS CMKs
Ensure that Amazon DocumentDB clusters are encrypted with KMS Customer Master Keys (CMKs).
- DocumentDB Encryption Enabled
Ensure that Amazon DocumentDB clusters data is encrypted at rest.
- DocumentDB Sufficient Backup Retention Period
Ensure AWS DocumentDB clusters have a sufficient backup retention period set for compliance purposes.
- Log Exports for DocumentDB
Ensure Log Exports feature is enabled for your Amazon DocumentDB clusters.