Periodically taking point-in-time snapshots of your RDS instances allows for efficient data restoration in the event of a user error or before making major changes to the database structure. To ensure that your RDS instances have automated backups enabled for point-in-time recovery, it is important to configure a backup window during which AWS RDS automatically takes a full daily snapshot of your data, along with transaction logs. The retention period for these backups can be defined by the instance owner, after which the backups are deleted.


To ensure that your RDS instances have a backup policy in place, you can take the following remediation steps:

  1. Identify all RDS instances that do not have automated backups enabled or do not have an appropriate backup policy in place.
  2. Determine the backup requirements of each database instance, including the frequency of backups, retention period, and the window during which backups should be taken.
  3. Enable automated backups for each RDS instance and configure the backup settings based on the identified requirements.
  4. Verify that the backups are being taken and stored correctly by checking the AWS Management Console or using the AWS CLI.
  5. Test the backup and restore process to ensure that it is functioning properly.
  6. Regularly review and update the backup policy as necessary to ensure that it is still meeting the business and compliance requirements.

By following these remediation steps, you can ensure that your RDS instances have an appropriate backup policy in place, which will enable efficient data restoration in the event of a user error or a disaster.

Enforced Resources
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.