AWS Config Rule: DocumentDB Cluster Deletion Protection Enabled

DOCDB_CLUSTER_DELETION_PROTECTION_ENABLED

Eduardo Van Cauteren

Last Update 3 months ago

Description: Checks if an Amazon DocumentDB (with MongoDB compatibility) cluster has deletion protection enabled. The rule is NON_COMPLIANT if an Amazon DocumentDB cluster has the deletionProtection field set to false.


Trigger type: Configuration changes


AWS Region: Only available in Asia Pacific (Mumbai), Europe (Paris), US East (Ohio), Europe (Ireland), Europe (Frankfurt), South America (Sao Paulo), US East (N. Virginia), Asia Pacific (Seoul), Europe (London), Europe (Milan), Asia Pacific (Tokyo), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Canada (Central), China (Ningxia) Region


How to Resolve Manually

This config rule checks if a DocumentDB cluster has deletion protection enabled. The rule will be marked as non-compliant if a cluster is found with this setting disabled.


To resolve this, open the Amazon DocumentDB service in the AWS Console, find the cluster that is out of compliance and click on its name. From there, go to the Configuration tab and click on the Modify button.

Locate the Deletion protection card and enable deletion protection for that cluster.

Click on Continue, review and define the scheduling of modifications, and finally click on the Modify Cluster button.

Check the following picture as reference:
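The same check and fix can be scripted with boto3. The following is an added example, not StackZone's or AWS's own code: the function names and sample cluster names are hypothetical, and treating a missing DeletionProtection field as non-compliant is an assumption. The script filters on Engine because the DocumentDB API can also return clusters of other engines.

```python
"""Added example: report DocumentDB clusters lacking deletion protection and enable it."""

# Constructed sample in the shape of a DescribeDBClusters response (not real data).
SAMPLE_CLUSTERS = [
    {"DBClusterIdentifier": "orders-docdb", "Engine": "docdb", "DeletionProtection": False},
    {"DBClusterIdentifier": "audit-docdb", "Engine": "docdb", "DeletionProtection": True},
    # Non-DocumentDB cluster: out of scope for this rule, must be skipped.
    {"DBClusterIdentifier": "graph-neptune", "Engine": "neptune", "DeletionProtection": False},
]


def evaluate(clusters):
    """Return (identifier, compliance) pairs for DocumentDB clusters only."""
    results = []
    for cluster in clusters:
        if cluster.get("Engine") != "docdb":
            continue
        # Assumption: a missing field is treated the same as False.
        protected = cluster.get("DeletionProtection") is True
        status = "COMPLIANT" if protected else "NON_COMPLIANT"
        results.append((cluster["DBClusterIdentifier"], status))
    return results


def remediate(client, clusters, apply_immediately=True, dry_run=True):
    """Enable deletion protection on non-compliant clusters; return their ids."""
    changed = []
    for identifier, status in evaluate(clusters):
        if status != "NON_COMPLIANT":
            continue
        if not dry_run:
            client.modify_db_cluster(
                DBClusterIdentifier=identifier,
                DeletionProtection=True,
                ApplyImmediately=apply_immediately,  # console: scheduling of modifications
            )
        changed.append(identifier)
    return changed


def list_clusters(client):
    """Collect every cluster the docdb API returns, following pagination."""
    clusters = []
    for page in client.get_paginator("describe_db_clusters").paginate():
        clusters.extend(page["DBClusters"])
    return clusters


if __name__ == "__main__":
    import boto3  # needs AWS credentials and a region configured
    docdb = boto3.client("docdb")
    print(remediate(docdb, list_clusters(docdb), dry_run=True))
```

Run it with dry_run=True first to list what would change, then pass dry_run=False to apply the modification.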

