Backup vault should have a policy

Best practices

Backup vault should have a policy

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
cis_8
coppa
CPRA
essential_8_au
essential_8_au_level_1
essential_8_au_level_2
hdh
ISO/IEC 27001
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-53
Orca Best Practices
PDPA

Description

AWS Backup is a fully-managed service that protects data across AWS services. We identified a Backup vault '{AwsBackupVault}' which does not contain policy. Policy associated with an identity, defines their permissions, in backup vault case, the ability to restore, update and delete actions. The best practice is to ensure backup vaults have a policy configured to prevent unintentional deletion.

Recommended Mitigation

To enhance reliability, It is recommended to configure a policy for each Backup vault. Add a custom policy to a Backup vault. More details can be found in <a href="https://docs.aws.amazon.com/aws-backup/latest/devguide/creating-a-vault-access-policy.html" target="_blank" rel="noopener noreferrer">https://docs.aws.amazon.com/aws-backup/latest/devguide/creating-a-vault-access-policy.html</a>

Backup vault should have a policy

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS