AWS Neptune DB clusters have backup retention period less than 7 days
Description
This policy checks whether a Neptune DB cluster in AWS (Amazon Web Services) has automated backups enabled and if these backups have an appropriate retention period. A backup is a copy of data that can be used to restore and recover data in the event of a failure or loss. The retention period refers to the length of time that backups are retained or kept.
The reason why this policy is important is that if automated backups are not enabled or do not have an adequate retention period, there could be a significant risk to the organization. Backups provide a safeguard against data loss, corruption or accidental deletion. Insufficient retention could lead to a situation where essential data cannot be restored because the backup has been discarded. Therefore, neglecting the importance of proper backup strategies could lead to detrimental effects on the business, from downtime to legal or compliance issues.
Code Example
resource "aws_neptune_cluster" "default" {
...
backup_retention_period = 7
}Remediation
Terraform
To fix this issue, ensure that the `backup_retention_period` property in the `aws_neptune_cluster` resource is set to at least 7 days.
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0408 |
| Severity | INFO |
| IaC Type | Cloudformation |
| Frameworks | Terraform, TerraformPlan |
| Checkov ID | CKV_AWS_361 |