github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/rds/AVD-AWS-0077/Terraform.md

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/rds/AVD-AWS-0077/Terraform.md (about)

     1  
     2  Explicitly set the retention period to greater than the default
     3  
     4  ```hcl
     5   resource "aws_rds_cluster" "good_example" {
     6   	cluster_identifier      = "aurora-cluster-demo"
     7   	engine                  = "aurora-mysql"
     8   	engine_version          = "5.7.mysql_aurora.2.03.2"
     9   	availability_zones      = ["us-west-2a", "us-west-2b", "us-west-2c"]
    10   	database_name           = "mydb"
    11   	master_username         = "foo"
    12   	master_password         = "bar"
    13   	backup_retention_period = 5
    14   	preferred_backup_window = "07:00-09:00"
    15     }
    16   
    17  
    18  ```
    19  ```hcl 
    20     resource "aws_db_instance" "good_example" {
    21   	allocated_storage    = 10
    22   	engine               = "mysql"
    23   	engine_version       = "5.7"
    24   	instance_class       = "db.t3.micro"
    25   	name                 = "mydb"
    26   	username             = "foo"
    27   	password             = "foobarbaz"
    28   	parameter_group_name = "default.mysql5.7"
    29   	backup_retention_period = 5
    30   	skip_final_snapshot  = true
    31   }
    32   
    33  ```
    34  
    35  #### Remediation Links
    36   - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/rds_cluster#backup_retention_period
    37  
    38   - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/db_instance#backup_retention_period
    39