DocumentDB clusters should have an appropriate backup retention period set

Description

This check determines if an Amazon DocumentDB cluster maintains a backup retention period of at least 7 days. A value of 7 to 35 days can be set.

Backups are essential for rapid recovery from security incidents and for enhancing system resilience. By setting up automated backups for Amazon DocumentDB clusters, you can swiftly restore your systems to a previous state, thereby reducing system downtime and loss of data. Typically, Amazon DocumentDB clusters are configured with a default backup retention period of 1 day. To comply with this control, the backup retention period should be extended to a minimum of 7 days and up to a maximum of 35 days.

Remediation

To adjust the backup retention period for your Amazon DocumentDB clusters, refer to the section Modifying an Amazon DocumentDB cluster in the Amazon DocumentDB Developer Guide. There, select the desired backup retention period under the Backup settings.