RDS instance ‘Deletion Protection’ should be enabled¶
Description¶
Enabling deletion protection ensures that any user or anonymous user can’t accidentally or intentionally delete your database.
Console Remediation Steps¶
Navigate to RDS.
In the left navigation, select the Databases.
Select the database you want to enable data protection.
Click Modify and in Deletion Protection, check the Enable deletion protection checkbox.
Click Continue.
In Scheduling of modifications, select Apply during the next scheduled maintenance window or Apply immediately.
Click Modify DB Instance.
CLI Remediation Steps¶
To enable delete protection for an AWS RDS instance for Linux, macOS, or Unix:
aws rds modify-db-instance \
--db-instance-identifier mydbinstance \
--deletion-protection \
--no-apply-immediately
To enable delete protection for an AWS RDS instance for Windows:
aws rds modify-db-instance ^
--db-instance-identifier mydbinstance ^
--deletion-protection ^
--no-apply-immediately