Skip to content

Instantly share code, notes, and snippets.

@vishalkhoje

vishalkhoje/info.md

Forked from arbabnazar/info.md
Created June 14, 2018 07:30
Show Gist options
  • Save vishalkhoje/d1e6ac5e4f3b1723f48395137c321d06 to your computer and use it in GitHub Desktop.
Save vishalkhoje/d1e6ac5e4f3b1723f48395137c321d06 to your computer and use it in GitHub Desktop.
Download ZIP
RDS Production termination protection
Raw
info.md

RDS Production Termination Protection

Create a policy like this, substituting your AWS account number, then attach it to all groups and roles. It will prevent deletion of RDS instances containing the string "prod" in their name.

Note: This is intended to prevent accidental deletion, and is easily sidestepped.

Raw
policy.json
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"rds:DeleteDBInstance"
],
"Effect": "Deny",
"Resource": "arn:aws:rds:*:123456789012:*prod*"
}
]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment