Checks whether the retention period for the automatic snapshots of each Elastic Compute Service (ECS) instance is greater than a specified number of days. If so, the evaluation result is Compliant.
Scenarios
The Alibaba Cloud snapshot service is an agentless backup service that allows you to create crash-consistent snapshots for all disk categories to back up or restore an entire disk. You can retain snapshots for a specified number of days based on your business requirements. This way, you can use the snapshots to back up data, create images, and perform disaster recovery.
Risk level
Default risk level: low.
When you apply this rule, you can change the risk level based on your business requirements.
Compliance evaluation logic
- If the retention period of each automatic snapshot is greater than a specified number of days, the evaluation result is Compliant.
- If the retention period of an automatic snapshot is less than or equal to a specified number of days, the evaluation result is Incompliant. For more information about how to remediate an incompliant configuration, see Incompliance remediation.
Rule details
| Item | Description |
|---|---|
| Rule name | ecs-snapshot-retention-days |
| Rule identifier | ecs-snapshot-retention-days |
| Tag | ECS and Snapshot |
| Automatic remediation | Not supported |
| Trigger type | Configuration change |
| Supported resource type | Automatic snapshot policy |
| Input parameter | days. Default value: 7. Unit: days.
Note Separate multiple values with commas (,).
|
Incompliance remediation
Change the retention period of your automatic snapshot policy. Make sure that the retention period is greater than a specified number of days in Cloud Config. For more information, see Modify an automatic snapshot policy.