@turbot/aws-rds

The aws-rds mod contains resource, control and policy definitions for AWS RDS service.

Recommended Version

Version

5.26.1

Released On

Dec 15, 2023

Depends On

@turbot/aws ^5.0.0
@turbot/turbot ^5.22.0
@turbot/turbot-iam ^5.1.0
@turbot/aws-iam ^5.1.0

Resource Types

Control Types

Policy Types

Release Notes

5.26.1 (2023-12-15)

Bug fixes

The AWS > RDS > DB Instance > Discovery control would sometimes upsert DocumentDB Instances as RDS Instances in Guardrails CMDB. This is fixed and the control will now filter out DocumentDB Instances while upserting resources in CMDB.

5.26.0 (2023-11-07)

What's new?

We've updated the runtime of the lambda functions to Node 18. You wouldn't notice any difference and things will continue to work smoothly and consistently as before.
Resource's metadata will now also include createdBy details in Turbot CMDB.

5.25.0 (2023-09-21)

What's new?

Rebranded to a Turbot Guardrails Mod. To maintain compatibility, none of the existing resource types, control types or policy types have changed, your existing configurations and settings will continue to work as before.
AWS/RDS/Admin, AWS/RDS/Metadata and AWS/RDS/Operator now include permissions for Performance Insights.

5.24.0 (2023-06-05)

What's new?

Resource's metadata will now also include createdBy details in Guardrails CMDB.

5.23.0 (2023-05-17)

Resource Types

AWS > RDS > Global Cluster

Control Types

AWS > RDS > Global Cluster > Active
AWS > RDS > Global Cluster > Approved
AWS > RDS > Global Cluster > CMDB
AWS > RDS > Global Cluster > Discovery

Policy Types

AWS > RDS > Global Cluster > Active
AWS > RDS > Global Cluster > Active > Age
AWS > RDS > Global Cluster > Active > Budget
AWS > RDS > Global Cluster > Active > Last Modified
AWS > RDS > Global Cluster > Approved
AWS > RDS > Global Cluster > Approved > Budget
AWS > RDS > Global Cluster > Approved > Custom
AWS > RDS > Global Cluster > Approved > Usage
AWS > RDS > Global Cluster > CMDB

Action Types

AWS > RDS > Global Cluster > Delete
AWS > RDS > Global Cluster > Delete from AWS
AWS > RDS > Global Cluster > Router
AWS > RDS > Global Cluster > Skip alarm for Active control
AWS > RDS > Global Cluster > Skip alarm for Active control [90 days]
AWS > RDS > Global Cluster > Skip alarm for Approved control
AWS > RDS > Global Cluster > Skip alarm for Approved control [90 days]

5.22.9 (2023-03-31)

Bug fixes

The rds:RestoreDBInstanceToPointInTime real-time event was not processed correctly in Guardrails which would lead to restored DB Instances not getting upserted in Guardrails CMDB. This is fixed and the event will now be processed correctly.

5.22.8 (2023-02-10)

Bug fixes

Guardrails would sometimes upsert DB Cluster Snapshots [Manual] and DB Snapshots [Manual] with incorrect casing via real-time create events which could lead to duplicate resources in Guardrails CMDB. This is fixed and the resources will now be upserted correctly and smoothly than before.

5.22.7 (2022-11-25)

Bug fixes

Previously, for any missing DB Cluster Parameter Group, DB Parameter Group, Option Group or Subnet group in Guardrails, we would overlook and not process any of the real-time update events for such resources. From now on, for any such update event, we will try and discover all missing resources and upsert them into Guardrails CMDB to allow users to manage their resources more reliably and consistently than before.

5.22.6 (2022-11-08)

Bug fixes

Previously, for any missing DB cluster, DB instance, DB cluster snapshot, or a DB snapshot in Guardrails, we would overlook and not process any of the real-time update events for such resources. From now on, for any such update event, we will try and discover all missing resources and upsert them into Guardrails CMDB to allow users to manage their resources more reliably and consistently than before.

5.22.5 (2022-10-20)

Bug fixes

In v5.22.4, we fixed an issue in the AWS > RDS > DB Cluster > Discovery control which would incorrectly move to an error state while trying to discover Aurora MySQL 5.6 clusters in sa-east-1 region. It turns out that the Discovery control would go into an error state in other regions too because Aurora MySQL 5.6 clusters have been deprecated in AWS and are about to reach their end of life soon. We've fixed this issue and the Discovery control will now run smoothly in all applicable regions.

5.22.4 (2022-10-13)

Bug fixes

The AWS > RDS > DB Cluster > Discovery control would incorrectly move to an error state while trying to discover Aurora MySQL 5.6 clusters in sa-east-1 region. This is now fixed.

5.22.3 (2022-09-30)

Bug fixes

The AWS > RDS > DB Cluster > Schedule and AWS > RDS > DB Instance > Schedule controls would sometimes fail to start/stop a DB Cluster/DB Instance as defined in AWS > RDS > DB Cluster > Schedule or AWS > RDS > DB Instance > Schedule policies respectively. This is fixed and the controls will now start/stop resources more reliably and consistently than before.

5.22.2 (2022-09-09)

Bug fixes

The rds:ModifyDBInstance and rds:ModifyDBCluster real-time events were not processed correctly in Guardrails when the identifier of an instance/cluster was updated. This is fixed and the CMDB data for such instances/clusters will now be updated correctly.

5.22.1 (2022-07-13)

Bug fixes

The lambda functions for certain controls/actions would re-run unnecessarily whenever the mod version was updated. This has now been fixed.

5.22.0 (2022-07-12)

What's new?

Users can now perform quick actions on resources to remediate cloud configuration issues or skip Guardrails alarms for issues that they want to come back to later. To get started, click on the Actions button, which will reveal a dropdown menu with available actions, and select one. See Quick Actions for more information.
README.md file is now available for users to check details about the resource types and service permissions that the mod covers.

Action Types

AWS > RDS > DB Cluster > Disable Copy Tags To Snapshot
AWS > RDS > DB Cluster > Disable Deletion Protection
AWS > RDS > DB Cluster > Enable Copy Tags To Snapshot
AWS > RDS > DB Cluster > Enable Deletion Protection
AWS > RDS > DB Cluster > Set Tags
AWS > RDS > DB Cluster > Skip alarm for Active control
AWS > RDS > DB Cluster > Skip alarm for Active control [90 days]
AWS > RDS > DB Cluster > Skip alarm for Approved control
AWS > RDS > DB Cluster > Skip alarm for Approved control [90 days]
AWS > RDS > DB Cluster > Skip alarm for Tags control
AWS > RDS > DB Cluster > Skip alarm for Tags control [90 days]
AWS > RDS > DB Cluster > Snapshot and delete from AWS
AWS > RDS > DB Cluster > Start DB Cluster
AWS > RDS > DB Cluster > Stop DB Cluster
AWS > RDS > DB Cluster Parameter Group > Delete from AWS
AWS > RDS > DB Cluster Parameter Group > Set Tags
AWS > RDS > DB Cluster Parameter Group > Skip alarm for Active control
AWS > RDS > DB Cluster Parameter Group > Skip alarm for Active control [90 days]
AWS > RDS > DB Cluster Parameter Group > Skip alarm for Approved control
AWS > RDS > DB Cluster Parameter Group > Skip alarm for Approved control [90 days]
AWS > RDS > DB Cluster Parameter Group > Skip alarm for Tags control
AWS > RDS > DB Cluster Parameter Group > Skip alarm for Tags control [90 days]
AWS > RDS > DB Cluster Snapshot [Manual] > Delete from AWS
AWS > RDS > DB Cluster Snapshot [Manual] > Set Tags
AWS > RDS > DB Cluster Snapshot [Manual] > Skip alarm for Active control
AWS > RDS > DB Cluster Snapshot [Manual] > Skip alarm for Active control [90 days]
AWS > RDS > DB Cluster Snapshot [Manual] > Skip alarm for Approved control
AWS > RDS > DB Cluster Snapshot [Manual] > Skip alarm for Approved control [90 days]
AWS > RDS > DB Cluster Snapshot [Manual] > Skip alarm for Tags control
AWS > RDS > DB Cluster Snapshot [Manual] > Skip alarm for Tags control [90 days]
AWS > RDS > DB Instance > Disable Auto Minor Versions Upgrade
AWS > RDS > DB Instance > Disable Copy Tags To Snapshot
AWS > RDS > DB Instance > Disable Deletion Protection
AWS > RDS > DB Instance > Disable Multi AZ
AWS > RDS > DB Instance > Enable Auto Minor Versions Upgrade
AWS > RDS > DB Instance > Enable Copy Tags To Snapshot
AWS > RDS > DB Instance > Enable Deletion Protection
AWS > RDS > DB Instance > Enable Multi AZ
AWS > RDS > DB Instance > Reboot DB Instance
AWS > RDS > DB Instance > Set Tags
AWS > RDS > DB Instance > Skip alarm for Active control
AWS > RDS > DB Instance > Skip alarm for Active control [90 days]
AWS > RDS > DB Instance > Skip alarm for Approved control
AWS > RDS > DB Instance > Skip alarm for Approved control [90 days]
AWS > RDS > DB Instance > Skip alarm for Tags control
AWS > RDS > DB Instance > Skip alarm for Tags control [90 days]
AWS > RDS > DB Instance > Snapshot and delete from AWS
AWS > RDS > DB Instance > Start DB Instance
AWS > RDS > DB Instance > Stop DB Instance
AWS > RDS > DB Parameter Group > Delete from AWS
AWS > RDS > DB Parameter Group > Set Tags
AWS > RDS > DB Parameter Group > Skip alarm for Active control
AWS > RDS > DB Parameter Group > Skip alarm for Active control [90 days]
AWS > RDS > DB Parameter Group > Skip alarm for Approved control
AWS > RDS > DB Parameter Group > Skip alarm for Approved control [90 days]
AWS > RDS > DB Parameter Group > Skip alarm for Tags control
AWS > RDS > DB Parameter Group > Skip alarm for Tags control [90 days]
AWS > RDS > DB Snapshot [Manual] > Delete from AWS
AWS > RDS > DB Snapshot [Manual] > Set Tags
AWS > RDS > DB Snapshot [Manual] > Skip alarm for Active control
AWS > RDS > DB Snapshot [Manual] > Skip alarm for Active control [90 days]
AWS > RDS > DB Snapshot [Manual] > Skip alarm for Approved control
AWS > RDS > DB Snapshot [Manual] > Skip alarm for Approved control [90 days]
AWS > RDS > DB Snapshot [Manual] > Skip alarm for Tags control
AWS > RDS > DB Snapshot [Manual] > Skip alarm for Tags control [90 days]
AWS > RDS > Option Group > Delete from AWS
AWS > RDS > Option Group > Set Tags
AWS > RDS > Option Group > Skip alarm for Active control
AWS > RDS > Option Group > Skip alarm for Active control [90 days]
AWS > RDS > Option Group > Skip alarm for Approved control
AWS > RDS > Option Group > Skip alarm for Approved control [90 days]
AWS > RDS > Option Group > Skip alarm for Tags control
AWS > RDS > Option Group > Skip alarm for Tags control [90 days]
AWS > RDS > Subnet Group > Delete from AWS
AWS > RDS > Subnet Group > Set Tags
AWS > RDS > Subnet Group > Skip alarm for Active control
AWS > RDS > Subnet Group > Skip alarm for Active control [90 days]
AWS > RDS > Subnet Group > Skip alarm for Approved control
AWS > RDS > Subnet Group > Skip alarm for Approved control [90 days]
AWS > RDS > Subnet Group > Skip alarm for Tags control
AWS > RDS > Subnet Group > Skip alarm for Tags control [90 days]

5.21.0 (2022-02-16)

What's new?

Users can now create their own custom checks against resource attributes in the Approved control using the Approved > Custom policy. These custom checks would be a part of the evaluation of the Approved control. Custom messages can also be added which are then displayed in the control details table. See Custom Checks for more information.

Bug fixes

We've improved the process of deleting resources from Guardrails if their CMDB policy was set to Enforce: Disabled. The CMDB controls will now not look to resolve credentials via Guardrails' IAM role while deleting resources from Guardrails. This will allow the CMDB controls to process resource deletions from Guardrails more reliably than before.

Policy Types

AWS > RDS > DB Cluster > Approved > Custom
AWS > RDS > DB Cluster Parameter Group > Approved > Custom
AWS > RDS > DB Cluster Snapshot [Manual] > Approved > Custom
AWS > RDS > DB Instance > Approved > Custom
AWS > RDS > DB Parameter Group > Approved > Custom
AWS > RDS > DB Snapshot [Manual] > Approved > Custom
AWS > RDS > Option Group > Approved > Custom
AWS > RDS > Subnet Group > Approved > Custom

5.20.3 (2022-01-28)

Bug fixes

The Schedule controls for DB Instance and DB Cluster would incorrectly go into a skipped state if their respective Schedule policies were set to Skip but their Schedule Tag policies were set to Enforce: Schedule per turbot_custom_schedule tag. This is fixed and the controls will now work as expected.

5.20.2 (2022-01-27)

Bug fixes

The AWS > RDS > DB Cluster > CMDB control would sometimes fail to update the Status of a DB Cluster correctly due to being triggered too quickly after the cluster was stopped or started by the AWS > RDS > DB Cluster > Schedule control. This would lead to the schedule control being inconsistent in its behavior. The AWS > RDS > DB Cluster > CMDB control will now re-trigger after 2 minutes if a DB Cluster is stopped or started, to reflect its correct status in Guardrails CMDB.

5.20.1 (2022-01-20)

Bug fixes

The AWS > RDS > DB Cluster > Schedule and AWS > RDS > DB Instance > Schedule controls would incorrectly go into an error state if the corresponding CMDB controls were in error and the AWS > RDS > DB Cluster > Schedule and AWS > RDS > DB Instance > Schedule policies were set to Skip, respectively. This is fixed and the controls will now work as expected.

5.20.0 (2021-12-24)

What's new?

AWS/RDS/Admin AWS/RDS/Metadata AWS/RDS/Operator now includes permissions for Custom Availability Zone, DB Proxy, Custom DB Engine Version, DB Instance Automated Backups Replication and DBQMS permissions for Tabs.

5.19.0 (2021-11-11)

Control Types

AWS > RDS > DB Instance > Performance Insights

Policy Types

AWS > RDS > DB Instance > Performance Insights
AWS > RDS > DB Instance > Performance Insights > KMS Key
AWS > RDS > DB Instance > Performance Insights > Retention Period

Action Types

AWS > RDS > DB Instance > Update Performance Insights

5.18.0 (2021-10-27)

Control Types

AWS > RDS > DB Cluster > Logs Export Configuration
AWS > RDS > DB Instance > Logs Export Configuration

Policy Types

AWS > RDS > DB Cluster > Logs Export Configuration
AWS > RDS > DB Cluster > Logs Export Configuration > Log Types
AWS > RDS > DB Instance > Logs Export Configuration
AWS > RDS > DB Instance > Logs Export Configuration > Log Types

Action Types

AWS > RDS > DB Cluster > Update Logs Export Configuration
AWS > RDS > DB Instance > Update Logs Export Configuration

5.17.0 (2021-08-04)

Control Types

AWS > RDS > DB Cluster > Copy Tags to Snapshot
AWS > RDS > DB Cluster > Deletion Protection
AWS > RDS > DB Instance > Auto Minor Version Upgrade
AWS > RDS > DB Instance > Copy Tags to Snapshot
AWS > RDS > DB Instance > Deletion Protection
AWS > RDS > DB Instance > Multi-AZ

Policy Types

AWS > RDS > DB Cluster > Copy Tags to Snapshot
AWS > RDS > DB Cluster > Deletion Protection
AWS > RDS > DB Instance > Auto Minor Version Upgrade
AWS > RDS > DB Instance > Copy Tags to Snapshot
AWS > RDS > DB Instance > Deletion Protection
AWS > RDS > DB Instance > Multi-AZ

Action Types

AWS > RDS > DB Cluster > Update Copy Tags to Snapshot
AWS > RDS > DB Cluster > Update Deletion Protection
AWS > RDS > DB Instance > Update Auto Minor Version Upgrade
AWS > RDS > DB Instance > Update Copy Tags to Snapshot
AWS > RDS > DB Instance > Update Deletion Protection
AWS > RDS > DB Instance > Update Multi-AZ

5.16.1 (2021-07-28)

Bug fixes

The DB Instance CMDB data did not update automatically after listening to the rds:ModifyDBInstance event. This is now fixed.

5.16.0 (2021-07-20)

What's new?

AWS/RDS/Admin and AWS/RDS/Metadata now includes DBQMS permissions for favorite query and query history and RDS-Data permissions to execute SQL statements.

5.15.0 (2021-07-09)

What's new?

We've improved the details tables in the Tags controls to be more helpful, especially when a resource's tags are not set correctly as expected. Previously, to understand why the Tags controls were in an Alarm state, you would need to find and read the control's process logs. This felt like too much work for a simple task, so now these details are visible directly from the control page.

5.14.0 (2021-06-28)

Control Types

AWS > RDS > DB Cluster > Backup Retention Period
AWS > RDS > DB Instance > Backup Retention Period

Policy Types

AWS > RDS > DB Cluster > Backup Retention Period
AWS > RDS > DB Cluster > Backup Retention Period > Days
AWS > RDS > DB Instance > Backup Retention Period
AWS > RDS > DB Instance > Backup Retention Period > Days

Action Types

AWS > RDS > DB Cluster > Update Backup Retention Period
AWS > RDS > DB Instance > Update Backup Retention Period

5.13.0 (2021-06-24)

What's new?

AWS/RDS/Admin now includes global cluster, activity stream, RDS data, and performance insights permissions.
AWS > Turbot > Permissions > Compiled > API Boundary > @turbot/aws-rds policy now includes pi:*, rds-data:*, and rds-db:*.

5.12.0 (2021-04-23)

What's new?

AWS > RDS > DB Instance > Approved control will now run faster when in the tbd and skipped states thanks to the new Guardrails Precheck feature (not to be confused with TSA PreCheck). With Guardrails Precheck, controls avoid running GraphQL input queries when in tbd and skipped, resulting in faster and lighter control runs.
We've improved the state reasons and details tables in the Approved and Active controls for resources like DB cluster, DB instance and DB cluster parameter group to be more helpful, especially when a resource is unapproved or inactive. Previously, to understand why one of these controls is in an Alarm state, you would need to find and read the control's process logs. This felt like too much work for a simple task, so now these details are visible directly from the control page.

5.11.0 (2021-03-26)

What's new?

We've improved the state reasons and details tables in various Approved and Active controls to be more helpful, especially when a resource is unapproved or inactive. Previously, to understand why one of these controls is in Alarm state, you would need to find and read the control's process logs. This felt like too much work for a simple task, so now these details are visible directly from the control page.

Bug fixes

The AWS > RDS > DB Instance > Discovery control would go into an error state for a few regions regions since oracle-se and oracle-se1 engines are not supported in these regions. This is now fixed.

Policy Types

Renamed

AWS > RDS > DB Instance > Parameter Group > Parameter Group Name to AWS > RDS > DB Instance > Parameter Group > Name
AWS > RDS > DB Instance > DB Instance Publicly Accessible to AWS > RDS > DB Instance > Publicly Accessible

5.10.2 (2021-01-14)

Bug fixes

There were a number of policies available for DB instances which were not associated with any controls and had no effect on any resources. These policies have been removed to remove any confusion around them.
Controls run faster now when in the tbd and skipped states thanks to the new Guardrails Precheck feature (not to be confused with TSA PreCheck). With Guardrails Precheck, controls avoid running GraphQL input queries when in tbd and skipped, resulting in faster and lighter control runs.

Policy Types

Removed

AWS > RDS > DB Instance > DB Free Storage Space Alarm
AWS > RDS > DB Instance > Parameters
AWS > RDS > DB Instance > Parameters > Audit Logging
AWS > RDS > Database Backup
AWS > RDS > Database Backup > Protection
AWS > RDS > Database Backup > Snapshot Name Prefix

5.10.1 (2020-12-09)

Bug fixes

Controls run faster now when in the tbd and skipped states thanks to the new Guardrails Precheck feature (not to be confused with TSA PreCheck). With Guardrails Precheck, controls avoid running GraphQL input queries when in tbd and skipped, resulting in faster and lighter control runs.

5.10.0 (2020-12-02)

Bug fixes

We’ve removed a duplicate event handler which was causing unwanted RDS events to be sent to Guardrails.

Policy Types

Removed

AWS > Turbot > Event Handlers > Events > Rules > Event Sources > @turbot/aws-rds

5.9.0 (2020-10-19)

What's new?

The AWS > RDS > DB Instance > Approved policy now includes the following new policy values:
```
 - Enforce: Stop unapproved
 - Enforce: Stop unapproved if new
```
By setting these new values you can directly stop unapproved DB instances

5.8.0 (2020-10-12)

What's new?

We've made improvements to how Active controls interact with CMDB policies and controls for more reliable active checks. Now, if a resource's CMDB policy is set to Skip, its Active control will move to invalid to prevent the Active control from making a decision based on outdated information. Also, Active controls will now wait until the resource's CMDB control has run at least once to ensure the required data is available.

Bug fixes

We've made some improvements to our real-time event handling that reduces the risk of creating resources in CMDB with malformed AKAs. There's no noticeable difference, but things should run more reliably now.

5.7.0 (2020-09-09)

What's new?

Discovery controls now have their own control category, CMDB > Discovery, to allow for easier filtering separately from other CMDB controls.
We've renamed the service's default regions policy from Regions [Default] to Regions to be consistent with our other regions policies.

Bug fixes

Arn, Subnets and SubnetOutpost properties were not available for use in GraphQL queries. This issue has now been fixed.

5.6.3 (2020-08-20)

Bug fixes

Whenever a DB parameter group or a DB cluster parameter group was copied from an existing DB parameter group or a DB cluster parameter group respectively, we would mishandle those events and create those resources without its identifier in its AKA. This issue has been fixed and we now create these resources with the proper AKAs.

5.6.2 (2020-08-14)

Bug fixes

Minor improvements were made to AWS > RDS > DB Instance > Schedule control to make sure that you can start and stop your db instances effectively without running into errors.

Policy Types

Renamed

AWS > RDS > DB Instance > Schedule > Tag to AWS > RDS > DB Instance > Schedule Tag

5.6.1 (2020-08-14)

Bug fixes

Whenever a DB snapshot was copied from an existing snapshot, we would mishandle those events and create a DB snapshot without its identifier in its AKA. This issue has been fixed and we now create snapshots with the proper AKAs. DB snapshots that were created with malformed AKAs can automatically be cleaned up by the AWS > Account > Resource AKA Cleanup control, which is available in aws (5.9.0) and later.
In various Active controls, we were outputting log messages that did not properly show how many days were left until we'd delete the inactive resources (we were still deleting them after the correct number of days). These log messages have been fixed and now contain the correct number of days.

5.6.0 (2020-08-07)

Control Types

AWS > RDS > DB Cluster > Schedule

Policy Types

AWS > RDS > DB Cluster > Schedule
AWS > RDS > DB Cluster > Schedule Tag

Action Types

AWS > RDS > DB Cluster > Start
AWS > RDS > DB Cluster > Stop

5.5.1 (2020-08-05)

Bug fixes

Whenever a DB instance or DB cluster was restored from a snapshot or an S3 bucket, we would mishandle those events and create a DB instance or DB cluster resource without its identifier in its AKA. This issue has been fixed for both resource types and we now create them with the proper AKAs. DB instances and DB clusters that were created with malformed AKAs can automatically be cleaned up by the AWS > Account > Resource AKA Cleanup control, which is available in aws (5.9.0) and later.

5.5.0 (2020-07-31)

What's new?

Cross-account trust is not only important for complex enterprise and application scenarios but is also a critical area for security controls. We now support controlling cross-account access for DB snapshots and DB cluster snapshots to provide automatic protection against unexpected cross-account access.
A common set of trusted AWS account IDs can be defined in the AWS > Account > Trusted Accounts [Default] policy. Trusted accounts can also be defined at any level, even down to the specific snapshot resource.
To get started with these new controls, please see the AWS > RDS > DB Snapshot [Manual] > Trusted Access and AWS > RDS > DB Cluster Snapshot [Manual] > Trusted Access policies.

Control Types

AWS > RDS > DB Cluster Snapshot [Manual] > Trusted Access
AWS > RDS > DB Instance > Parameter Group
AWS > RDS > DB Snapshot [Manual] > Trusted Access
AWS > RDS > Stack

Policy Types

AWS > RDS > DB Cluster Snapshot [Manual] > Trusted Access
AWS > RDS > DB Cluster Snapshot [Manual] > Trusted Access > Accounts
AWS > RDS > DB Instance > Parameter Group
AWS > RDS > DB Instance > Parameter Group > Parameter Group Name
AWS > RDS > DB Snapshot [Manual] > Trusted Access
AWS > RDS > DB Snapshot [Manual] > Trusted Access > Accounts
AWS > RDS > Stack
AWS > RDS > Stack > Secret Variables
AWS > RDS > Stack > Source
AWS > RDS > Stack > Terraform Version
AWS > RDS > Stack > Variables
AWS > RDS > Trusted Accounts [Default]

Action Types

AWS > RDS > DB Cluster Snapshot [Manual] > Set Trusted Access
AWS > RDS > DB Instance > DB Instance Reboot
AWS > RDS > DB Instance > Update Parameter Group
AWS > RDS > DB Snapshot [Manual] > Set Trusted Access

5.4.1 (2020-07-02)

Bug fixes

Sometimes when updating CMDB for resources with tags that have empty string values, e.g., [{Key: "Empty", Value: ""}, {Key: "Guardrails is great", Value: "true"}], we would not store all of the tags correctly. This has been fixed and now all tags are accounted for.

5.4.0 (2020-06-11)

What's new?

The DB cluster snapshot DBClusterSnapshotAttributes data has been made available in the DBClusterSnapshotAttributesMap property. This new property stores the attribute data as a map, instead of a list of maps, for easier referencing.
An api call was added to the CMDB of DB parameter group which returns the detailed parameter list for a particular DB parameter group.
An api call was added to the CMDB of DB cluster parameter group which returns the detailed parameter list for a particular DB cluster parameter group.

5.3.1 (2020-05-26)

Bug fixes

After creating or modifying a DB cluster, its CMDB entry was not being updated after moving out of a transition state, e.g., creating, modifying. This has been fixed.

Policy Types

Renamed

AWS > RDS > DB Cluster > Configured > Precedence to AWS > RDS > DB Cluster > Configured > Claim Precedence
AWS > RDS > DB Cluster Parameter Group > Configured > Precedence to AWS > RDS > DB Cluster Parameter Group > Configured > Claim Precedence
AWS > RDS > DB Cluster Snapshot [Manual] > Configured > Precedence to AWS > RDS > DB Cluster Snapshot [Manual] > Configured > Claim Precedence
AWS > RDS > DB Instance > Configured > Precedence to AWS > RDS > DB Instance > Configured > Claim Precedence
AWS > RDS > DB Parameter Group > Configured > Precedence to AWS > RDS > DB Parameter Group > Configured > Claim Precedence
AWS > RDS > DB Snapshot [Manual] > Configured > Precedence to AWS > RDS > DB Snapshot [Manual] > Configured > Claim Precedence
AWS > RDS > Option Group > Configured > Precedence to AWS > RDS > Option Group > Configured > Claim Precedence
AWS > RDS > Subnet Group > Configured > Precedence to AWS > RDS > Subnet Group > Configured > Claim Precedence

5.3.0 (2020-05-14)

What's new?

The DB snapshot DBSnapshotAttributes data has been made available in the DBSnapshotAttributesMap property. This new property stores the attribute data as a map, instead of a list of maps, for easier referencing.

Bug fixes

DB snapshot permission update events were not being handled properly, so the CMDB would not reflect the latest permissions. These updates are now handled.
When deleting DB instances in Aurora clusters, AWS does not support creating a final snapshot through the API. As a result, the AWS > RDS > DB Instance > Delete action would fail to delete these types of DB instances. This has been fixed and now DB instances in Aurora clusters will be deleted, but no final snapshot will be created.