Rule: RDS Aurora clusters should be protected by backup plan

This rule ensures that RDS Aurora clusters have a backup plan in place for data protection.

Rule: RDS Aurora clusters should be protected by backup plan
Framework: GxP EU Annex 11
Severity: Medium

Rule Description:

RDS Aurora clusters should be protected by a backup plan that adheres to the guidelines outlined in GxP EU Annex 11. This rule ensures that databases containing sensitive and critical data in RDS Aurora clusters are safeguarded against data loss or corruption.

Troubleshooting Steps:

If there are any issues with the backup plan for RDS Aurora clusters, follow these troubleshooting steps:

  1. Validate the backup plan configuration: Check if the backup plan for the RDS Aurora cluster is correctly configured according to the GxP EU Annex 11 guidelines.
  2. Review backup frequency: Confirm that backups are scheduled at appropriate intervals to meet the required RPO (Recovery Point Objective).
  3. Verify backup retention: Make sure the retained backups comply with the required retention period defined in GxP EU Annex 11.
  4. Check backup storage: Ensure that the backup storage locations are secure and comply with data integrity requirements.
  5. Test data restoration: Validate the process of restoring data from backups to ensure it works effectively during an actual restore scenario.
  6. Verify backup monitoring: Monitor the backup processes to receive alerts or notifications on any failures or issues encountered.

Necessary Codes:

No specific codes are required for this rule. Configuration and monitoring of the backup plan can be managed using the AWS Management Console or the AWS Command Line Interface (CLI).

Step-by-Step Guide for Remediation:

Follow these steps to ensure compliance with the backup plan guidelines for RDS Aurora clusters:

  1. Review GxP EU Annex 11 guidelines: Familiarize yourself with the specific requirements mentioned in GxP EU Annex 11 regarding data backup and protection.
  2. Identify critical databases: Identify the RDS Aurora clusters hosting critical data that fall under the scope of GxP EU Annex 11.
  3. Create a backup plan: Define a backup plan that complies with the backup frequency, retention period, and backup storage requirements specified in GxP EU Annex 11.
  4. Configure automated backups: Enable automated backups for your RDS Aurora clusters and set the backup frequency based on the defined backup plan.
  5. Enable backup encryption: If encryption is required by GxP EU Annex 11, enable encryption for the backups to ensure data confidentiality.
  6. Validate backup retention: Confirm that the retained backups comply with the required retention period defined in GxP EU Annex 11.
  7. Verify backup storage security: Ensure that the backup storage locations maintain data integrity and meet the security requirements stated in GxP EU Annex 11.
  8. Test data restoration: Periodically test the restoration process by restoring data from backups to verify its effectiveness and reliability.
  9. Implement backup monitoring: Monitor the backup processes regularly to detect any failures or issues that might affect the backup plan's integrity.
  10. Document the backup plan: Maintain detailed documentation of the implemented backup plan, including the configuration settings, monitoring procedures, and any updates or changes made.
  11. Periodic review and audit: Conduct periodic reviews and audits to ensure ongoing compliance with GxP EU Annex 11 guidelines and make any necessary adjustments to the backup plan.
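
The coverage, retention and encryption checks in the steps above can be scripted for the periodic review. The following is an added example, not code from this page or from the rule's vendor: it audits saved output of `aws rds describe-db-clusters` and `aws backup list-protected-resources`. It assumes that "protected by a backup plan" means the cluster is listed as an AWS Backup protected resource; the 7-day minimum retention, the account ID and the cluster names are constructed placeholders.

```python
# Constructed sample input, shaped like the JSON returned by
# `aws rds describe-db-clusters` and `aws backup list-protected-resources`.
SAMPLE_CLUSTERS = {"DBClusters": [
    {"DBClusterIdentifier": "orders-prod", "Engine": "aurora-mysql",
     "DBClusterArn": "arn:aws:rds:eu-west-1:111122223333:cluster:orders-prod",
     "BackupRetentionPeriod": 35, "StorageEncrypted": True},
    {"DBClusterIdentifier": "lims-prod", "Engine": "aurora-postgresql",
     "DBClusterArn": "arn:aws:rds:eu-west-1:111122223333:cluster:lims-prod",
     "BackupRetentionPeriod": 1, "StorageEncrypted": False},
    {"DBClusterIdentifier": "docs", "Engine": "docdb",
     "DBClusterArn": "arn:aws:rds:eu-west-1:111122223333:cluster:docs",
     "BackupRetentionPeriod": 1, "StorageEncrypted": True},
]}
SAMPLE_PROTECTED = {"Results": [
    {"ResourceArn": "arn:aws:rds:eu-west-1:111122223333:cluster:orders-prod",
     "ResourceType": "Aurora"},
]}

MIN_RETENTION_DAYS = 7  # assumption: replace with the value from your backup plan


def audit_aurora_backups(clusters, protected, min_retention_days=MIN_RETENTION_DAYS):
    """Return {cluster_id: [findings]} for Aurora clusters that fail a check."""
    protected_arns = {r["ResourceArn"] for r in protected.get("Results", [])}
    report = {}
    for c in clusters.get("DBClusters", []):
        if not c.get("Engine", "").startswith("aurora"):
            continue  # describe-db-clusters also returns non-Aurora engines
        findings = []
        retention = c.get("BackupRetentionPeriod", 0)
        if c["DBClusterArn"] not in protected_arns:
            findings.append("not listed as an AWS Backup protected resource")
        if retention < min_retention_days:
            findings.append(f"retention {retention}d is below {min_retention_days}d")
        if not c.get("StorageEncrypted", False):
            findings.append("storage unencrypted, so automated backups are too")
        if findings:
            report[c["DBClusterIdentifier"]] = findings
    return report


if __name__ == "__main__":
    for cluster, findings in audit_aurora_backups(SAMPLE_CLUSTERS, SAMPLE_PROTECTED).items():
        print(cluster, "->", "; ".join(findings))
```

For a live audit, save the output of the two CLI commands with `--output json`, load it with `json.load`, and pass it in place of the sample dictionaries.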

Remember to consult with your organization's IT and security teams to incorporate any additional policies or specific requirements they may have.

Please note that the above guidelines are provided as general steps to comply with GxP EU Annex 11 regarding backup plans for RDS Aurora clusters. It is important to also follow any company-specific procedures or guidelines in conjunction with external regulations.
