All Collections
Control Tests
Test: Daily Database Backups
Test: Daily Database Backups

Drata inspects your company backup configuration from its infrastructure provider to determine if the backup schedule is set to daily.

Ashley Hyman avatar
Written by Ashley Hyman
Updated over a week ago

ASSOCIATED DRATA CONTROL

This test is part of the Daily Database Backups control that ensures your company performs backups daily and retains them in accordance with a predefined schedule in their Backup Policy.

WHAT TO DO IF A TEST FAILS

If Drata finds that your databases have not been configured for automatic daily backups the test will fail. With a failed test you will receive a list of databases and corresponding backup configurations/scheduled outlining those that do not have daily backups set up.

To remediate a failed test you will need to update the database backup configuration and establish daily automated backups for the databases flagged.

STEPS FOR PASSING

To ensure a validated state when testing for daily backups, please follow the steps listed in the table below. Once the provider steps have been completed, navigate back to Drata and execute the test.

Provider / Technology

Provider Steps

Atlas - Projects

For an M10+

  1. Connect IDP and Atlas

  2. Create a production-level cluster

    1. Enable Cloud Backup
      - If you enable "Continuous Cloud Backup" as well, you're done!

    2. If "Continuous Cloud Backup" is disabled, go to your backup policy and make sure you have at either an hourly or daily backup snapshot schedule

  3. Save any changes

AWS - RDS - Amazon Aurora, Amazon DocumentDB

All of the clusters will pass by default as clusters must have a retention of 1 - so will pass the tests

AWS - RDS - MySQL

  1. Within AWS, go to the RDS service

  2. Create a Database

  3. Click on Additional configuration

    1. Click on Enable automatic backups

    2. Set a backup retention period more than 0 days

  4. Save Database

Azure - MySQL, Postgres, MSSQL, MariaDB, SQL Managed Instances

Within Azure, all managed databases are backed up by default.

Digital Ocean - Postgres, MySQL

When you create a Managed DB, the wizard will choose a daily backup window for you by default.

Digital Ocean - Redis

Redis DBs do not support daily backups and will always fail this monitor. You will need to exclude these from the test.

GCP - SQL

  1. Within GCP, go to the SQL service

  2. Create an instance

  3. Click on a database engine

    1. Enter an Instance ID

    2. Set a password for the root user

    3. Select a region

    4. Select any zone

    5. Database version

    6. Click on Show configuration options

    7. Open the "Backups, recovery, and high availability"

      1. Make sure to click on Automate backups

    8. Open the "Machine type and storage"

    9. Select a machine size

    10. Disable the "Enable automatic storage increases"

  4. Click on Create button

Heroku

This monitoring test currently only tests for Heroku Postgres pricing tier and not for a DB backup schedule. These schedules are not exposed over Heroku's API.

A database will fail if it is on the hobby-dev or hobby-basic tier. If the database is on the standard, premium, or enterprise tier, it should pass, because “Every professional tier Heroku Postgres database comes with a behind-the-scenes Continuous Protection mechanism for disaster recovery” (documented here).

Did this answer your question?