Guided Walkthroughs
Step-by-step configuration wizards for your environment
Dedicated Security Account
AWS Backup Strategy
VPC Connectivity Setup
Automated Patching
All Guides
A config rule that checks if an Amazon Relational Database Service (Amazon RDS) instance has deletion protection enabled. This rule is NON_COMPLIANT if an Amazon RDS instance does not have deletion protection enabled i.e deletionProtection is set to false.
AWSTemplateFormatVersion: "2010-09-09"
Description: ""
Resources:
ConfigRule:
Type: "AWS::Config::ConfigRule"
Properties:
ConfigRuleName: "rds-instance-deletion-protection-enabled"
Scope:
ComplianceResourceTypes:
- "AWS::RDS::DBInstance"
Description: "A config rule that checks if an Amazon Relational Database Service (Amazon RDS) instance has deletion protection enabled. This rule is NON_COMPLIANT if an Amazon RDS instance does not have deletion protection enabled i.e deletionProtection is set to fa..."
Source:
Owner: "AWS"
SourceIdentifier: "RDS_INSTANCE_DELETION_PROTECTION_ENABLED"
Parameters: {}
Metadata: {}
Conditions: {}