Rule: DynamoDB Table Should Be Protected by Backup Plan
This rule ensures that DynamoDB table is safeguarded by a backup plan to prevent data loss.
| Rule | DynamoDB table should be protected by backup plan |
| Framework | GxP EU Annex 11 |
| Severity | ✔ High |
Rule: DynamoDB Table Backup for GxP EU Annex 11 Compliance
Description of the Rule
Background
Good Practices for pharmaceuticals, commonly known as GxP, encompasses various aspects of compliance in the pharmaceutical industry, including the EU Annex 11, which provides guidance on computerized systems. One essential requirement is to ensure that critical data, such as those stored in AWS DynamoDB tables, is regularly backed up and protected against loss.
DynamoDB and GxP EU Annex 11 Compliance
Ensuring that AWS DynamoDB tables are regularly backed up is crucial for maintaining data integrity, availability, and security. This complies with the requirements of GxP EU Annex 11 that call for meticulous data management and protection strategies.
Troubleshooting Steps
If a DynamoDB table is not backed up correctly, follow these troubleshooting steps:
- 1.Check Backup Settings:
- Verify if the DynamoDB table has automatic backups enabled.
- 2.Assess Backup Frequency and Retention:
- Ensure that the backup frequency aligns with the required compliances and that retention periods are sufficiently long.
- 3.Review Backup Permissions:
- Confirm that the correct IAM roles and policies are in place to allow backups.
- 4.Audit Logs:
- Examine CloudTrail logs for any errors or failed attempts related to DynamoDB backups.
- 5.Network Connectivity:
- For on-demand backups, confirm that network issues are not preventing backup processes.
Necessary Codes and CLI Commands
Enable Automatic Backups Using AWS CLI
aws dynamodb update-continuous-backups \ --table-name <YourTableName> \ --point-in-time-recovery-specification PointInTimeRecoveryEnabled=true
Replace
<YourTableName>Create an On-Demand Backup Using AWS CLI
aws dynamodb create-backup \ --table-name <YourTableName> \ --backup-name <YourBackupName>
Replace
<YourTableName><YourBackupName>Step by Step Guide for Remediation
- 1.Enable Continuous Backups:
- Go to the DynamoDB console, select the table, and under the 'Backups' tab, enable 'Point-in-time recovery'.
- 2.Configure Backup Retention:
- Define a backup retention policy that aligns with GxP EU Annex 11 requirements.
- 3.Implement IAM Policies:
- Set up IAM roles and policies that grant necessary permissions for backing up DynamoDB tables.
- 4.Monitor Backups:
- Regularly monitor the status of backups and alerts for any issues that arise.
- 5.Test Data Recovery:
- Periodically test the recovery procedures to ensure that data can be restored accurately and promptly.
- 6.Documentation:
- Maintain detailed records of backup schedules, retention policies, and recovery tests.
By following these steps, you can ensure that your DynamoDB tables are backed up in compliance with GxP EU Annex 11 and protect critical pharmaceutical data. Remember, successful adherence to GxP regulations necessitates both technological and procedural safeguards to maintain data integrity and availability.