[RDS.14]
Amazon Aurora clusters should have backtracking enabled
Description
All Amazon Aurora clusters must have backtracking enabled. Keeping backups strengthen the robustness of your database and recover quickly from security incidents. This rule is COMPLIANT when an Amazon Aurora cluster has backtracking enabled.
Details
| Property | Value |
|---|---|
| Category | Recover > Resilience > Backups enabled |
| Compliance Control ID | RDS.14 |
| FortifyFox ID | FF100041 |
| Link | RDS.14 Compliance |
| Resource Type(s) | AWS::RDS::DBInstance |
| Severity | Medium |
Remediation
Use the following CloudFormation templates to deploy a RDS DB Instance compliant with RDS.14
YAML Template
Resources:
rdsDBCluster:
Type: "AWS::RDS::DBCluster"
Properties:
BacktrackWindow: 259200
JSON Template
{
"Resources": {
"rdsDBCluster": {
"Type": "AWS::RDS::DBCluster",
"Properties": {
"BacktrackWindow": 259200
}
}
}
}
You can replace 259200 with your desired interval in seconds. (Should be less than or equal to 259200)
📓 Notes
- The cluster engine must be set to aurora