Ensure that your Amazon DocumentDB database clusters have set a minimum backup retention period in order to fulfill your organization compliance requirements. The retention period represents the number of days to retain automated backups (snapshots) before these are being deleted. Cloud Conformity recommends a minimum retention period of 7 (seven) days but you can adjust this threshold value to narrow or extend the default retention period as required, within the conformity rule settings.
This rule can help you with the following compliance standards:
This rule can help you work with the AWS Well-Architected Framework
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
Having a minimum retention period set for Amazon DocumentDB clusters will enforce your AWS account backup strategy to follow best practices and meet regulatory compliance within your organization. DocumentDB cluster backups are continuous and incremental, allowing you to quickly restore to any point within the backup retention period configured (between 1 and 35 days). Retaining AWS DocumentDB backups for a longer period of time will allow you to handle more efficiently your data restoration process in the event of a failure.
Note: This conformity rule will use 7 days (recommended) as the threshold for the sufficient backup retention period. However, you can adjust anytime the number of days (up to 35), to suit your organization requirements.
To determine if your Amazon DocumentDB clusters have a sufficient backup retention period (≥ 7 days) set for automated backups, perform the following actions:
Remediation / Resolution
To update your Amazon DocumentDB clusters configuration in order to set up a sufficient backup retention period, perform the following actions:
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
DocumentDB Sufficient Backup Retention Period
Risk level: Medium