RDS instances should have automatic backups enabled

Description

This control checks that RDS instances have automated backups enabled and maintains a backup for at least 7 days. Read replicas are excluded from this evaluation. The control will fail if backups are not enabled for the instance or if the retention period is shorter than the specified time frame. Automated backups enhance recovery speed after a security incident and bolster system resilience. Amazon RDS allows you to configure daily full instance volume snapshots. For more information about Amazon RDS automated backups, refer to the Working with Backups section in the Amazon RDS User Guide.

Remediation

To enable automated backups on RDS instances, see Enabling automated backups in the Amazon RDS User Guide.

PREVIEWING: may/unit-testing