Ensure that your Microsoft Azure PostgreSQL database servers have geo-redundant backups enabled, to allow you to restore your PostgreSQL servers to a different Azure region in the event of a regional outage or a disaster.
This rule resolution is part of the Conformity solution.
Geo-restore is the default recovery option when your PostgreSQL database server is unavailable because of a large-scale incident, such as a natural disaster, occurs in the region where the database server is hosted. PostgreSQL servers that support up to 4 TB of storage can be restored to its geo-paired region, or to any region that supports up to 16 TB of storage. For database servers that support up to 16 TB of storage, geo-backups can be restored in any Azure region that support 16 TB servers as well. During geo-restore, the PostgreSQL server configuration can be changed. These configuration changes include compute generation, vCore, backup retention period and backup redundancy options.
Audit
To determine if geo-redundant backups are enabled for your Azure PostgreSQL database servers, perform the following operations:
Remediation / Resolution
To enable geographically redundant backups for your Azure PostgreSQL database servers, you have to re-create the existing database servers with the appropriate configuration, by performing the following operations:
References
- Azure Official Documentation
- Backup and restore in Azure Database for PostgreSQL - Single Server
- How to backup and restore a server in Azure Database for PostgreSQL - Single Server using the Azure portal
- How to back up and restore a server in Azure Database for PostgreSQL - Single Server using the Azure CLI
- Azure Command Line Interface (CLI) Documentation
- az postgres server list
- az postgres server show
- az postgres server create
- az postgres server delete