Control: AWS > RDS > DB Instance > Approved
Take an action when an AWS RDS db instance is not approved based on AWS > RDS > DB Instance > Approved > * policies
.
The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.
See Approved for more information.
Resource Types
This control targets the following resource types:
Policies
The following policies can be used to configure this control:
This control type relies on these other policies when running actions:
- AWS > RDS > Enabled
- AWS > RDS > DB Instance > Approved > Usage
- AWS > RDS > DB Instance > Approved > Custom
- AWS > RDS > DB Instance > Approved > Regions
- AWS > RDS > DB Instance > Approved > Budget
- AWS > RDS > DB Instance > Approved > Instance Classes
- AWS > RDS > DB Instance > Approved > Database Engines
- AWS > RDS > DB Instance > Approved > Encryption at Rest
- AWS > RDS > DB Instance > Approved > Encryption at Rest > Customer Managed Key
Quick Actions
Permissions
Cloud permissions used by this control and its actions:
rds:DeleteDBInstance
rds:StopDBInstance
Category
In Your Workspace
Developers
- tmod:@turbot/aws-rds#/control/types/dbInstanceApproved
- tmod:@turbot/turbot#/control/categories/resourceApproved
- turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-rds#/control/types/dbInstanceApproved"
Get Controls
Control Type URI
Category URI
GraphQL
CLI