Policy: AWS > RDS > DB Instance > Allowed > Database Engine
Determine the action to take when an AWS RDS db instance is created with a database engine that is not allowed.
The Allowed > Database Engine control checks if the db instance is created with an allowed database engine based on the Allowed > Database Engine > * policies. If the db instance is created with a database engine that is not in the allowed list, the control raises an alarm and takes the defined enforcement action.
For any enforcement actions that specify if new, e.g., Enforce: Delete if database engine not allowed and resource is new, the control will only take the enforcement actions for resources created within the last 60 minutes.
Targets
This policy targets the following resource types:
Primary Policy
This policy is used with the following primary policy:
Related Policies
Controls
Setting this policy configures this control:
Policy Specification
Schema Type | |
|---|---|
Default | |
Valid Values [YAML] |
|
Examples [YAML] |
|
Category
In Your Workspace
Developers
- tmod:@turbot/turbot#/control/categories/resourceAllowed
- tmod:@turbot/aws-rds#/policy/types/dbInstanceAllowedDatabaseEngines
- turbot graphql policy-type --id "tmod:@turbot/aws-rds#/policy/types/dbInstanceAllowedDatabaseEngines"
- turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/aws-rds#/policy/types/dbInstanceAllowedDatabaseEngines"
Get Policy TypeGet Policy Settings