RDS instances should have deletion protection enabled

Description

This control ensures that deletion protection is activated for an RDS instance that uses one of the below specified database engines. Activating deletion protection adds an extra layer of security against accidental or unauthorized deletion of a database. Deletion protection must be disabled before deletion requests can be accomplished.

Applicable Database Engines: mariadb,mysql,custom-oracle-ee,oracle-ee-cdb,oracle-se2-cdb,oracle-ee,oracle-se2,oracle-se1,oracle-se,postgres,sqlserver-ee,sqlserver-se,sqlserver-ex,sqlserver-web

Remediation

To enable deletion protection for an RDS instance, refer to the section Modifying an Amazon RDS instance in the Amazon RDS User Guide.

PREVIEWING: may/unit-testing