Policy Packs
Enforce Encryption at Rest Is Enabled for RDS DB Instances

Policy Setting: AWS > RDS > DB Instance > Approved > Encryption at Rest

Policies

This policy setting is dependent on the following policy types:

Source

resource "turbot_policy_setting" "aws_rds_db_instance_approved_encryption_at_rest" {
resource = turbot_policy_pack.main.id
type = "tmod:@turbot/aws-rds#/policy/types/dbInstanceEncryptionAtRest"
value = "AWS managed key or higher"
# value = "Customer managed key"
# value = "Encryption at Rest > Customer Managed Key"
}