Skip to main content

Configure AWS RDS DB Instances should have deletion protection enabled

  1. Configure AWS RDS DB Instances should have deletion protection enabled
  2. Use Case for AWS RDS DB Instances should have deletion protection enabled
  3. Triage Guides by Violation Type
    1. Triage AWS RDS DB Instances should have deletion protection enabled ENHANCED_MONITORING_NOT_ENABLED

How do I enable this policy?

Signature:
Type: Pyrae::Policy::PolicyDocument::Signatory
Properties:
SignatureTeamUrn: { "PyRef": "PyraeTeam" }
PolicyUrn: "urn:pyrae:policy:us-west-2:sAutx4ZxiqTJUzJdvky2km:policy/rdsDbInstanceEnhancedMonitoringPolicy"

What permissions does this policy require in my AWS account?

{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"rds:DescribeDBInstances"
],
"Resource": "*"
}
]
}

What resources match this policy?

Type: Pyrae::Observer::MatchingRule
Properties:
MatchAccountType: aws
MatchUrnService: rds
MatchUrnResourceType: db