Backups & DR

A collection of AWS controls related to creating and managed backups for AWS resources. Configuration items include templates to set up AWS Backup Plans which can backup data for AWS services such as DynamoDB, EFS, RDS, Storage Gateway and EC2, as well as Data LifeCycle Manager for EBS snapshots, and a number of compliance rules using AWS Config to ensure that AWS resources are properly backed up

FILTERS
 
Backup
AWS Backup
AWS
Configuration to create AWS Backup plans and vaults. AWS Backup automates the process of backing up of data across AWS services including EFS, DynamoDB, EC2, EBS, Aurora, RDS, and Storage Gateway, as well as setting custom retention policies, access policies, and encryption
Data Lifecycle Manager
Data Lifecycle Manager (Automated EBS Snapshots)
EC2
Configure a Data Lifecycle Manager (DLM) policy to automate the creation, retention, and deletion of snapshots taken to back up your Amazon EBS volumes.
Config Rule
RDS Public Snapshots Prohibited Check
RDS
A Config rule that checks if Amazon Relational Database Service (Amazon RDS) snapshots are public. The rule is non-compliant if any existing and new Amazon RDS snapshots are public.
encryption
Backup
RDS Backup Enabled Check
RDS
A config rule that checks whether RDS DB instances have backups enabled. Optionally, the rule checks the backup retention period and the backup window.
Backup
RDS Snapshot Encrypted Check
RDS
A config rule that checks whether Amazon Relational Database Service (Amazon RDS) DB snapshots are encrypted. The rule is NON_COMPLIANT, if Amazon RDS DB snapshots are not encrypted.
encryption
Backup
Redshift Cluster Backup Enabled Check
Redshift
A Config rule that checks that Amazon Redshift automated snapshots are enabled for clusters. The rule is NON_COMPLIANT if the value for automatedSnapshotRetentionPeriod is greater than MaxRetentionPeriod or less than MinRetentionPeriod or the value is 0.
Backup
EBS Snapshots Not Publicly Restorable Check
EC2
A Config rule that checks whether Amazon Elastic Block Store snapshots are not publicly restorable. The rule is NON_COMPLIANT if one or more snapshots with the RestorableByUserIds field is set to all. If this field is set to all, then Amazon EBS snapshots are public.
Backup
ElastiCache Redis Cluster Automatic Backup Enabled Check
ElastiCache
A Config rule that checks if the Amazon ElastiCache Redis clusters have automatic backup turned on. The rule is NON_COMPLIANT if the SnapshotRetentionLimit for Redis cluster is less than the SnapshotRetentionPeriod parameter.
Backup
RDS Database in AWS Backup Plan Check
RDS
A Config rule that checks whether Amazon RDS database is present in back plans of AWS Backup. The rule is NON_COMPLIANT if Amazon RDS databases are not included in any AWS Backup plan.
Backup
EFS File System in AWS Backup Plan Check
EFS
A Config rule that checks whether Amazon Elastic File System (Amazon EFS) file systems are added in the backup plans of AWS Backup. The rule is NON_COMPLIANT if EFS file systems are not included in the backup plans.
Backup
DynamoDB Table in AWS Backup Plan Check
DynamoDB
A Config rule that checks whether Amazon DynamoDB table is present in AWS Backup plans. The rule is NON_COMPLIANT if DynamoDB tables are not present in any AWS Backup plan.
Backup
EBS Volume in AWS Backup Plan Check
EC2
A Config rule that checks if Amazon Elastic Block Store (Amazon EBS) volumes are added in backup plans of AWS Backup. The rule is NON_COMPLIANT if Amazon EBS volumes are not included in backup plans.
Backup
© 2020 asecurecloud Inc. All Rights Reserved.