dms-endpoint-ssl-configured
Checks if Amazon Database Migration Service (Amazon DMS) endpoints are configured with an SSL connection. The rule is NON_COMPLIANT if Amazon DMS does not have an SSL connection configured.
Context: SSL/TLS connections provide one layer of security by encrypting data that moves between your client and a DB instance. Using a server certificate provides an extra layer of security by validating that the connection is being made to an Amazon RDS DB instance. It does so by checking the server certificate that is automatically installed on all DB instances that you provision. By enabling an SSL connection on Amazon DMS, you protect the confidentiality of the data during the migration.
To configure an SSL connection for Amazon DMS, see Using SSL/TLS to encrypt a connection to a DB instance or cluster in the Amazon Relational Database Service User Guide.
Identifier: DMS_ENDPOINT_SSL_CONFIGURED
Resource Types: AWS::DMS::Endpoint
Trigger type: Configuration changes
Amazon Web Services Region: All supported Amazon regions except US ISO West, Asia Pacific (Jakarta), US ISO East, Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Malaysia), US ISOB East, Asia Pacific (Melbourne), Amazon GovCloud (US-East), Amazon GovCloud (US-West), US West (Oregon), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region
Parameters:
- None
Amazon CloudFormation template
To create Amazon Config managed rules with Amazon CloudFormation templates, see Creating Amazon Config Managed Rules With Amazon CloudFormation Templates.
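A local approximation of this check, as an added example that is not part of the Amazon documentation or the managed rule's own code. It assumes the decision depends on the endpoint's `SslMode` field as returned by the DMS `DescribeEndpoints` API; the endpoint records and the helper names are constructed for illustration.

```python
# Added example: offline approximation of the dms-endpoint-ssl-configured check.
# Assumption: compliance is decided from the endpoint's SslMode field.
# For live data, boto3.client("dms").describe_endpoints()["Endpoints"]
# returns records with the same field names used here.

# DMS SslMode values: "none" = no TLS; "require" = encrypted, server
# certificate not validated; "verify-ca" / "verify-full" = encrypted and validated.
ENCRYPTED_MODES = {"require", "verify-ca", "verify-full"}
VERIFYING_MODES = {"verify-ca", "verify-full"}

# Constructed sample endpoints (not real resources).
SAMPLE_ENDPOINTS = [
    {"EndpointIdentifier": "src-mysql", "EndpointType": "SOURCE", "SslMode": "none"},
    {"EndpointIdentifier": "tgt-postgres", "EndpointType": "TARGET", "SslMode": "require"},
    {"EndpointIdentifier": "tgt-oracle", "EndpointType": "TARGET", "SslMode": "verify-ca",
     "CertificateArn": "arn:aws:dms:REGION:ACCOUNT:cert:PLACEHOLDER"},
    {"EndpointIdentifier": "legacy-no-mode", "EndpointType": "SOURCE"},  # field missing
]


def evaluate_endpoint(endpoint):
    """Return a compliance record for one DMS endpoint description."""
    ident = endpoint.get("EndpointIdentifier", "<unknown>")
    mode = (endpoint.get("SslMode") or "none").lower()
    if mode not in ENCRYPTED_MODES:
        # Fail closed: a missing or unrecognised mode counts as unencrypted.
        return {"endpoint": ident, "compliance": "NON_COMPLIANT",
                "note": f"SslMode={mode}: migration traffic is not encrypted"}
    if mode not in VERIFYING_MODES:
        note = "encrypted, but the server certificate is not validated"
    elif not endpoint.get("CertificateArn"):
        note = f"SslMode={mode} set but no CertificateArn is attached"
    else:
        note = "encrypted and server certificate validated"
    return {"endpoint": ident, "compliance": "COMPLIANT", "note": note}


def non_compliant(endpoints):
    """Identifiers of endpoints that would fail the check."""
    return [r["endpoint"] for r in map(evaluate_endpoint, endpoints)
            if r["compliance"] == "NON_COMPLIANT"]


if __name__ == "__main__":
    for record in map(evaluate_endpoint, SAMPLE_ENDPOINTS):
        print(f'{record["endpoint"]:<16} {record["compliance"]:<14} {record["note"]}')
```

The `require` note separates the two layers the Context paragraph describes: encryption in transit alone, versus encryption plus validation of the server certificate.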