RDS clusters should have deletion protection enabled
With the Deletion Protection security feature enabled, your Amazon RDS databases cannot be accidentally deleted.
This control checks whether deletion protection is enabled for RDS clusters. When it is set, the cluster cannot be deleted unintentionally, which keeps your data safe.
This control is designed specifically for RDS DB instances. However, it may also produce findings for Amazon DocumentDB clusters, Neptune and Aurora DB instances. You can suppress these findings if they are not useful.
Enabling cluster deletion protection adds an extra layer of defense against unintentional database deletion or deletion by unauthorized parties. An RDS cluster cannot be deleted while deletion protection is enabled. Deletion protection must be turned off before a deletion request can succeed.
Note: This control is not supported in the following Regions: Beijing, Ningxia, Bahrain, and São Paulo. Additionally, deletion protection can be enabled on RDS instances for every existing database engine except Amazon Aurora, where it is set at the cluster level rather than on individual instances.
Enabling Deletion Protection for RDS DB Clusters:
To enable deletion protection for an RDS DB cluster, simply follow these instructions:
- Open the Amazon RDS console.
- Select Databases from the navigation pane, then pick the DB cluster you wish to change.
- Select Modify.
- Select Enable deletion protection under "Deletion protection."
- Select Continue.
- Under Modification Scheduling, select when to apply the change. The available options are to apply now or to apply during the upcoming maintenance window.
- Select Modify Cluster.
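The same check and change can be scripted. The following is an added example, not part of the original guide: it scans output in the shape returned by `aws rds describe-db-clusters`, skips DocumentDB and Neptune clusters, and builds the `aws rds modify-db-cluster` call for each unprotected cluster. The sample data and cluster names are constructed for illustration.

```python
import json
import shlex

# Constructed sample in the shape returned by `aws rds describe-db-clusters`
# (cluster names are hypothetical).
SAMPLE = json.loads("""
{"DBClusters": [
  {"DBClusterIdentifier": "orders-aurora", "Engine": "aurora-mysql", "DeletionProtection": false},
  {"DBClusterIdentifier": "billing-aurora", "Engine": "aurora-postgresql", "DeletionProtection": true},
  {"DBClusterIdentifier": "catalog-docdb", "Engine": "docdb", "DeletionProtection": false},
  {"DBClusterIdentifier": "graph-neptune", "Engine": "neptune", "DeletionProtection": false},
  {"DBClusterIdentifier": "legacy-cluster", "Engine": "aurora-mysql"}
]}
""")

# Engines whose findings this audit suppresses; describe-db-clusters
# also returns DocumentDB and Neptune clusters.
SUPPRESSED_ENGINES = {"docdb", "neptune"}


def unprotected_clusters(response, suppressed=SUPPRESSED_ENGINES):
    """Return identifiers of in-scope clusters without deletion protection."""
    findings = []
    for cluster in response.get("DBClusters", []):
        if cluster.get("Engine") in suppressed:
            continue
        # Treat a missing field as unprotected (fail closed).
        if cluster.get("DeletionProtection") is not True:
            findings.append(cluster["DBClusterIdentifier"])
    return findings


def remediation_command(cluster_id, apply_immediately=True):
    """Build the CLI call that mirrors the console steps above."""
    argv = ["aws", "rds", "modify-db-cluster",
            "--db-cluster-identifier", cluster_id,
            "--deletion-protection"]
    # Mirrors the console's "apply now" choice under Modification Scheduling.
    if apply_immediately:
        argv.append("--apply-immediately")
    return argv


if __name__ == "__main__":
    for cid in unprotected_clusters(SAMPLE):
        print(shlex.join(remediation_command(cid)))
```

To audit a real account, replace `SAMPLE` with the parsed JSON output of `aws rds describe-db-clusters` and review the printed commands before running them.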
It can also be useful to create AWS Config managed rules using templates. To do so, follow these instructions:
- Create a new stack via the CloudFormation console.
- Under Specify template, if you downloaded the template, select Upload a template file and then Choose file to upload it. Alternatively, select Amazon S3 URL and enter the template URL.
- Select Next.
- Under Specify stack information, enter a stack name and the parameter values for the AWS Config rule.
- Select Next.
- Under Options, you can set up tags or other additional settings. These are optional. Select Next.
- Under Review, make sure the template, parameters, and other settings are accurate.
- Select Create. The stack is created in just a few minutes. You can then see the newly generated rule in the AWS Config console.