AWS Config: can't remediate backup-plan-min-frequency-and-min-retention-check


Hi all,

I could not figure out how to remediate backup-plan-min-frequency-and-min-retention-check rule. This is my Backup Plan configuration:

    "BackupPlanRule": [
          "TargetBackupVault": "dev-backup",
          "RuleName": "dev-backup-plan-monthly",
          "ScheduleExpression": "cron(0 0 ? * SUN#1 *)",
          "StartWindowMinutes": 60,
          "CompletionWindowMinutes": 180,
          "Lifecycle": {
            "DeleteAfterDays": 93
          "RecoveryPointTags": {},
          "CopyActions": [],
          "EnableContinuousBackup": false,
          "ScheduleExpressionTimezone": "EST"

Appreciate any input on how to make the plan pass.



2 Answers
Accepted Answer

Found the issue, the cron expression indicates that the backup frequency could be more than 31 days, i.g.: 1st Sunday of a month to the next. Rule works as expected.

answered 4 months ago
profile picture
reviewed 2 months ago

t appears you have set up a rule (dev-backup-plan-monthly) that triggers a backup on the first Sunday of each month. The retention period for these backups is set to 93 days. In order to change the backup frequency cron(0 0 ? * SUN#1 *) , you need to cron job expression . PLease use to this tools at what time you need to schedule for backup frequency :

profile picture
answered 4 months ago
  • Thanks for your feedbacks. The cron is exactly what I need. My question is why that backup plan doesn't pass the rule. Config rule has input parameters set as below:

    • requiredFrequencyValue: 31
    • requriedFrequencyUnit: days
    • requiredRetentionDays: 31

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions