AWS-RDS-RDS-Deletion-Protection-Enabled

Severity: Medium

Description: This control ensures the Deletion Protection feature is enabled for the RDS Instance to prevent accidental deletions. This provides protection for the instance from being accidentally deleted. In a production environment, the availability of the data is very crucial and preventing deletion of an instance ensures the data is available. This feature is present in for all RDS engines supported by AWS.

Remediation Steps:

Perform following to update RDS instance deletion protection :

1. Login to the AWS Management Console at https://console.aws.amazon.com.

2. Navigate to RDS console.

3. In the navigation pane, Click on Databases.

4. Click on the Database instance to be modified, click Modify.

5. Under Deletion Protection, select enable deletion protection.

6. Click on the Continue.

7. Under Scheduling of modifications, select Apply Immediately.

8. Click on Modify DB Instance.

Important:

•  This ensures the availability of the data, which is a very crucial aspect in production environments

Reference :

• https://aws.amazon.com/about-aws/whats-new/2018/09/amazon-rds-now-provides-database-deletion-protection/

• https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_DeleteInstance.html