Evaluates whether log backup is enabled for ApsaraDB RDS instances. If log backup is enabled, the evaluation result is Compliant.
Scenarios
Use this rule to verify that log backup is enabled for ApsaraDB RDS instances, helping you meet security and regulatory requirements. ApsaraDB RDS supports data backups and log backups.
When log backup is enabled, binary log files are uploaded to dedicated backup space in real time. These log backup files allow you to restore data to any point in time within the backup retention period.
Risk level
Default risk level: high.
You can change the risk level based on your business requirements when you apply this rule.
Compliance evaluation logic
- If log backup is enabled for an ApsaraDB RDS instance, the evaluation result is Compliant.
- If log backup is disabled for an ApsaraDB RDS instance, the evaluation result is Incompliant. To remediate an incompliant configuration, seeIncompliance remediation.
Rule details
| Item | Description |
| Rule name | rds-instance-enabled-log-backup |
| Rule identifier | rds-instance-enabled-log-backup |
| Tag | RDS and Backup |
| Automatic remediation | Not supported |
| Trigger type | Periodic execution |
| Evaluation frequency | Interval of 24 hours |
| Supported resource type | ApsaraDB RDS instance |
| Input parameter | None. |
Incompliance remediation
Enable log backup for the ApsaraDB RDS instance. For more information, seeManage binary logs.