Ensure RDS DB instances are included in a backup plan to maintain data integrity and security.
Rule | RDS DB instances should be in a backup plan |
Framework | GxP EU Annex 11 |
Severity | ✔ High |
Rule Description
RDS DB instances in environments regulated under GxP (Good Practice for Pharmaceutical) EU Annex 11 should have a backup plan in place to ensure data integrity and compliance with regulatory requirements. The backup plan should include regular backups, retention policies, and secure storage of backups.
Troubleshooting Steps
If your RDS DB instances are not included in a backup plan for GxP EU Annex 11 compliance, follow these troubleshooting steps:
Verify Backup Configuration: Check if the RDS DB instances have an existing backup configuration. You can do this by accessing the AWS Management Console or using AWS CLI commands.
Check Backup Frequency: Ensure that backups are scheduled regularly according to the regulatory requirements. Backups should be performed at a frequency that ensures minimal data loss in case of a failure or data corruption.
Review Backup Retention Period: Make sure the backup retention period is set appropriately. The retention period should comply with the regulatory requirements and account for factors such as data criticality, recovery time objectives, and business needs.
Confirm Secure Storage: Ensure that backups are stored securely to protect against data loss, unauthorized access, or tampering. You can use AWS S3 or other secure storage options provided by AWS to store backups.
Validate Backup Success: Verify that the backups are completing successfully without any errors or failures. If any errors are encountered, troubleshoot the issues and make the necessary adjustments to ensure successful backups.
Necessary Codes
There are no specific codes for this rule. However, you may need to use AWS CLI commands or scripting to automate the backup configuration and monitoring processes.
Step-by-Step Guide for Remediation
Follow these steps to ensure that RDS DB instances are included in a backup plan for GxP EU Annex 11 compliance:
Identify the RDS DB instances: Determine which RDS DB instances fall under the GxP EU Annex 11 compliance requirements.
Configure Automatic Backups: Enable automatic backups for the identified RDS DB instances. You can do this through the AWS Management Console or use the following AWS CLI command:
aws rds modify-db-instance --db-instance-identifier <instance-id> --backup-retention-period <retention-period>
Replace <instance-id> with the identifier of the RDS DB instance and <retention-period> with the desired backup retention period in days.
Schedule Backup Window: Define a suitable backup window that ensures minimal impact on application performance and meets the regulatory requirements. Use the AWS Management Console or the following AWS CLI command to set the backup window:
aws rds modify-db-instance --db-instance-identifier <instance-id> --preferred-backup-window <backup-window>
Replace <instance-id> with the identifier of the RDS DB instance and <backup-window> with the desired backup window timing.
Validate Backups: Monitor the backup process to ensure that backups are successfully completed and stored securely. Use the following AWS CLI command to list the available backups for an RDS DB instance:
aws rds describe-db-instance-automated-backups --db-instance-identifier <instance-id>
Replace <instance-id> with the identifier of the RDS DB instance.
Regularly Review and Update Backup Plan: Periodically review the backup plan to ensure it aligns with any changes in regulatory requirements, data criticality, or business needs. Make adjustments as necessary.
By following these steps, you can establish a backup plan for RDS DB instances in compliance with GxP EU Annex 11 regulations to ensure data integrity and regulatory compliance.
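The troubleshooting checks above (backup configured, retention, secure storage, backup success) can be run across all instances at once. The following is an added example, not code from the original page: it audits JSON saved from `aws rds describe-db-instances` and `aws rds describe-db-instance-automated-backups`. The instance names, the 14-day minimum retention and the 24-hour staleness limit are assumptions chosen for illustration; set them from your own validated requirements.

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed sample in the shape returned by `aws rds describe-db-instances`.
INSTANCES = json.loads("""{"DBInstances": [
 {"DBInstanceIdentifier": "gxp-batch-db", "BackupRetentionPeriod": 35,
  "PreferredBackupWindow": "02:00-02:30", "StorageEncrypted": true},
 {"DBInstanceIdentifier": "gxp-lims-db", "BackupRetentionPeriod": 0,
  "PreferredBackupWindow": "03:00-03:30", "StorageEncrypted": true},
 {"DBInstanceIdentifier": "gxp-qa-db", "BackupRetentionPeriod": 7,
  "PreferredBackupWindow": "04:00-04:30", "StorageEncrypted": false}]}""")

# Constructed sample in the shape of `aws rds describe-db-instance-automated-backups`.
BACKUPS = json.loads("""{"DBInstanceAutomatedBackups": [
 {"DBInstanceIdentifier": "gxp-batch-db", "Status": "active",
  "RestoreWindow": {"LatestTime": "2024-05-01T11:55:00+00:00"}},
 {"DBInstanceIdentifier": "gxp-qa-db", "Status": "active",
  "RestoreWindow": {"LatestTime": "2024-04-28T04:10:00+00:00"}}]}""")

def audit_backups(instances, backups, now, min_retention_days=14, max_lag_hours=24):
    """Return {instance_id: [findings]}; an empty list means the instance passes."""
    # Index only backup records that are currently active for a live instance.
    active = {b["DBInstanceIdentifier"]: b
              for b in backups["DBInstanceAutomatedBackups"]
              if b.get("Status") == "active"}
    report = {}
    for inst in instances["DBInstances"]:
        name, findings = inst["DBInstanceIdentifier"], []
        retention = inst.get("BackupRetentionPeriod", 0)
        if retention == 0:  # a retention period of 0 turns automated backups off
            findings.append("automated backups disabled (retention 0)")
        elif retention < min_retention_days:  # assumed policy minimum
            findings.append(f"retention {retention}d below {min_retention_days}d")
        if not inst.get("StorageEncrypted", False):
            findings.append("storage and backups not encrypted")
        # A stale latest restorable time indicates backups are not completing.
        latest = active.get(name, {}).get("RestoreWindow", {}).get("LatestTime")
        if latest is None:
            findings.append("no active automated backup record")
        elif now - datetime.fromisoformat(latest) > timedelta(hours=max_lag_hours):
            findings.append("latest restorable time is stale")
        report[name] = findings
    return report

if __name__ == "__main__":
    now = datetime(2024, 5, 1, 12, 0, tzinfo=timezone.utc)  # fixed for the sample
    for name, findings in audit_backups(INSTANCES, BACKUPS, now).items():
        print(name, "PASS" if not findings else "; ".join(findings))
```

To run it against a real account, replace the two constructed samples with the saved output of the corresponding CLI commands and pass the current UTC time as `now`.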