Skip to content

Instantly share code, notes, and snippets.

@olublessed

olublessed/info.md

Forked from manicminer/info.md
Created November 1, 2018 22:44
Show Gist options
  • Save olublessed/7248023c9955ccd6e57bb54e1fe6cf6a to your computer and use it in GitHub Desktop.
Save olublessed/7248023c9955ccd6e57bb54e1fe6cf6a to your computer and use it in GitHub Desktop.
Download ZIP
RDS Production termination protection
Raw
info.md

RDS Production Termination Protection

Create a policy like this, substituting your AWS account number, then attach it to all groups and roles. It will prevent deletion of RDS instances containing the string "prod" in their name.

Note: This is intended to prevent accidental deletion, and is easily sidestepped.

Raw
policy.json
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"rds:DeleteDBInstance"
],
"Effect": "Deny",
"Resource": "arn:aws:rds:*:123456789012:*prod*"
}
]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment