Ensure instance deletion protection is enabled

Description

Ensures that the RDS deletion protection setting is enabled for this instance.

Rationale

Enabling deletion protection is critical because it prevents an instance from being deleted inadvertently, which would cause data loss and unavailability.

Applies To

  • Databases

Tags

This rule is applied when the following tags are present:

Tag                            With Value
secureclouddb/provider         aws
secureclouddb/service          rds
secureclouddb/resource-type    db

Default Rule

/**
 * @param {Object} databaseSettings - database settings object
 * @returns {{success: boolean}} success is true if the database instance has deletion protection enabled
 */
function validate(databaseSettings) {
    // Walk the nested settings defensively; a missing level counts as not enabled.
    const success = Boolean(
        databaseSettings.awsDatabaseInstance &&
        databaseSettings.awsDatabaseInstance.rdsDatabaseInstance &&
        databaseSettings.awsDatabaseInstance.rdsDatabaseInstance.deletionProtection
    );

    return {
        success,
    };
}

// invoke
validate(databaseSettings);
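
The following is an added example, not the product's own code, showing how the tag conditions and the deletion protection check combine across several instances. The inventory, the instance names and the `name`/`tags`/`settings` item shape are constructed assumptions. The check here is stricter than the default rule: only boolean `true` passes, because a string such as `'false'` is truthy in JavaScript.

```javascript
// Added example: constructed data; the item shape (name/tags/settings) is an assumption.
const REQUIRED_TAGS = {
    'secureclouddb/provider': 'aws',
    'secureclouddb/service': 'rds',
    'secureclouddb/resource-type': 'db',
};

// The rule applies only when every listed tag is present with the listed value.
function ruleApplies(tags) {
    return Object.entries(REQUIRED_TAGS)
        .every(([key, value]) => tags != null && tags[key] === value);
}

// Same nested lookup as the default rule, but strict: only boolean true passes,
// so a serialized string like 'false' (truthy in JavaScript) is reported as a failure.
function checkDeletionProtection(databaseSettings) {
    const rds = databaseSettings &&
                databaseSettings.awsDatabaseInstance &&
                databaseSettings.awsDatabaseInstance.rdsDatabaseInstance;
    return { success: Boolean(rds) && rds.deletionProtection === true };
}

// Sort each inventory item into pass, fail, or skipped (rule not applicable).
function evaluate(inventory) {
    const report = { pass: [], fail: [], skipped: [] };
    for (const item of inventory) {
        if (!ruleApplies(item.tags)) report.skipped.push(item.name);
        else if (checkDeletionProtection(item.settings).success) report.pass.push(item.name);
        else report.fail.push(item.name);
    }
    return report;
}

// Constructed sample inventory covering the edge cases.
const rdsTags = { ...REQUIRED_TAGS };
const rdsSettings = (deletionProtection) =>
    ({ awsDatabaseInstance: { rdsDatabaseInstance: { deletionProtection } } });
const sampleInventory = [
    { name: 'orders-db', tags: rdsTags, settings: rdsSettings(true) },
    { name: 'staging-db', tags: rdsTags, settings: rdsSettings(false) },
    { name: 'legacy-db', tags: rdsTags, settings: rdsSettings('false') },
    { name: 'partial-db', tags: rdsTags, settings: { awsDatabaseInstance: {} } },
    { name: 'other-db', tags: { 'secureclouddb/provider': 'other' }, settings: {} },
];

console.log(evaluate(sampleInventory));
```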