Rule: RDS DB Instance Backup Should Be Enabled
This rule ensures that the RDS DB instance backup feature is enabled to prevent data loss and ensure disaster recovery.
| Rule | RDS DB instance backup should be enabled |
| Framework | GxP EU Annex 11 |
| Severity | ✔ Medium |
RDS DB Instance Backup for GxP EU Annex 11
Description
In order to comply with the requirements of GxP EU Annex 11, it is necessary to enable regular backups for your RDS (Relational Database Service) instances in AWS. The GxP EU Annex 11 guidelines ensure the integrity, reliability, and availability of electronic records and systems used in the life sciences industry. Enabling backups will help protect your data and enable recovery in the event of data loss or system failures.
Policy Details
- Policy Name: RDS DB Instance Backup for GxP EU Annex 11
- Policy Description: Enable regular backups for RDS DB instances to meet GxP EU Annex 11 requirements
- Policy Severity: Medium
- Affected Resources: RDS DB instances
Troubleshooting Steps
If the backups are not enabled for your RDS DB instance, follow these steps:
- 1.Verify Backup Status: Check if the backups are currently disabled for your RDS DB instance.
- 2.Enable Automatic Backups: If backups are not enabled, modify the instance settings to enable automatic backups. Ensure that the retention period for the backups meets your regulatory requirements. (The minimum retention period for automated backups is one day)
- 3.Verify Backup Schedule: Confirm that the backup schedule is set as per your organizational requirements. By default, automated backups occur daily during the maintenance window, but you can customize the schedule according to your needs.
Configuration Code
To enable backups for RDS DB instances, use the following code:
aws rds modify-db-instance \ --db-instance-identifier <db-instance-identifier> \ --backup-retention-period <retention-period-in-days> \ --apply-immediately
Replace
<db-instance-identifier><retention-period-in-days>Remediation Steps
To enable backups for your RDS DB instance in compliance with GxP EU Annex 11, follow these steps:
- 1.Open the AWS Management Console and navigate to the RDS service.
- 2.Select the appropriate region from the top-right corner of the console.
- 3.Click on "Databases" in the left sidebar and choose the relevant RDS DB instance.
- 4.Click on the "Modify" button to change the instance settings.
- 5.Scroll down to the "Backup" section and ensure that the "Backup retention period" is set to the desired number of days for which backups should be retained (according to your regulatory requirements).
- 6.Check the box for "Backup Storage Type" to choose from the available options.
- 7.Click on "Continue" and review the modifications.
- 8.Scroll down and click "Modify DB instance" to save the changes.
- 9.The modifications will be applied during the next maintenance window, or you can choose to apply them immediately if necessary.
Conclusion
Enabling regular backups for RDS DB instances is crucial to meet the requirements of GxP EU Annex 11. Following the troubleshooting and remediation steps provided above will ensure the backup functionality is enabled to safeguard your data and comply with regulatory standards.