Benchmark: 11.4 Establish and Maintain an Isolated Instance of Recovery Data
Description
Establish and maintain an isolated instance of recovery data. Example implementations include, version controlling backup destinations through offline, cloud, or off-site systems or services.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select 11.4 Establish and Maintain an Isolated Instance of Recovery Data.
Run this benchmark in your terminal:
powerpipe benchmark run aws_compliance.benchmark.cis_controls_v8_ig1_11_4Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_compliance.benchmark.cis_controls_v8_ig1_11_4 --shareControls
- DynamoDB tables should be in a backup plan
- DynamoDB table point-in-time recovery should be enabled
- EBS volumes should be in a backup plan
- EC2 instance should have EBS optimization enabled
- EFS file systems should be in a backup plan
- ElastiCache Redis cluster automatic backup should be enabled with retention period of 15 days or greater
- RDS DB instance backup should be enabled
- RDS DB instances should be in a backup plan
- AWS Redshift clusters should have automatic snapshots enabled
- AWS Redshift should have required maintenance settings
- S3 bucket cross-region replication should be enabled
- S3 bucket versioning should be enabled