Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

rds encrypted storage #11

Open
0xjjoyy opened this issue Mar 22, 2021 · 2 comments
Open

rds encrypted storage #11

0xjjoyy opened this issue Mar 22, 2021 · 2 comments

Comments

@0xjjoyy
Copy link
Contributor

0xjjoyy commented Mar 22, 2021

Use Case - Is your feature request related to a problem? Please describe.
rds encrypted storage for create db instance and cluster

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "RDS",
            "Effect": "Deny",
            "Action": [
                "rds:CreateDBInstance"
            ],
            "Resource": [
                "*"
            ],
            "Condition": {
                "Bool": {
                    "rds:StorageEncrypted": "false"
                }
            }
        },
        {
            "Sid": "StatementForAurora",
            "Effect": "Deny",
            "Action": [
                "rds:CreateDBCluster"
            ],
            "Resource": [
                "*"
            ],
            "Condition": {
                "Bool": {
                    "rds:StorageEncrypted": "false"
                }
            }
        }
    ]
}

Expected Outcome - Describe the solution you'd like
A clear and concise description of what you want to happen.

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.

Affected AWS resource
Mention the AWS resources which is affected

Impact
High: The issue makes a service level improvement which affects all users of AWS
Medium: Single feature which affects a single functionality which is optionally enabled in the AWS service
Low: Niche use case which is particularly affecting the AWS resources if it is configured in a certain way

Supported material
Can be either logs, screenshots or documentation links which provide evidence of need of this issue

I can contribute: Yes/No
If you are able to contribute towards resolving this request.

Additional context
Add any other context or screenshots about the feature request here.

Pull Request number
If a pull request has already been created.
@0xjjoyy
Copy link
Contributor Author

0xjjoyy commented Jun 29, 2021

Additional IAM actions

      "rds:CreateDBCluster",
      "rds:CreateDBInstance",
      "rds:RestoreDBClusterFromS3",
      "rds:RestoreDBInstanceFromS3",
      "rds:RestoreDBClusterFromDBSnapshot",
      "rds:RestoreDBClusterToPointInTime"

@0xjjoyy
Copy link
Contributor Author

0xjjoyy commented Jul 19, 2021 

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "RDS",
      "Effect": "Deny",
      "Action": [
        "rds:CreateDBInstance",
        "rds:CreateDBCluster",
        "rds:CreateDBInstance",
        "rds:RestoreDBClusterFromS3",
        "rds:RestoreDBInstanceFromS3",
        "rds:RestoreDBClusterFromDBSnapshot",
        "rds:RestoreDBClusterToPointInTime"
      ],
      "Resource": [
        "*"
      ],
      "Condition": {
        "Bool": {
          "rds:StorageEncrypted": "false"
        }
      }
    }
  ]
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@0xjjoyy