github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/documentdb/AVD-AWS-0021/CloudFormation.md (about) 1 2 Enable storage encryption 3 4 ```yaml--- 5 Resources: 6 GoodExample: 7 Type: "AWS::DocDB::DBCluster" 8 Properties: 9 BackupRetentionPeriod : 8 10 DBClusterIdentifier : "sample-cluster" 11 DBClusterParameterGroupName : "default.docdb3.6" 12 KmsKeyId : "your-kms-key-id" 13 StorageEncrypted: true 14 EnableCloudwatchLogsExports: 15 - audit 16 - profiler 17 InstanceInstanceExample: 18 Type: "AWS::DocDB::DBInstance" 19 Properties: 20 AutoMinorVersionUpgrade: true 21 AvailabilityZone: "us-east-1c" 22 DBClusterIdentifier: "sample-cluster" 23 DBInstanceClass: "db.r5.large" 24 DBInstanceIdentifier: "sample-cluster-instance-0" 25 PreferredMaintenanceWindow: "sat:06:54-sat:07:24" 26 27 ``` 28 29