rds-postgres-instance-encrypted-in-transit
Checks if connections to Amazon RDS PostgreSQL database instances are configured to use encryption in transit. The rule is NON_COMPLIANT if the associated database parameter group is not in-sync or if the rds.force_ssl parameter is not set to 1.
Note
The rule returns NOT_APPLICABLE
if the Amazon RDS instance is part of an RDS cluster.
Identifier: RDS_POSTGRES_INSTANCE_ENCRYPTED_IN_TRANSIT
Resource Types: AWS::RDS::DBInstance
Trigger type: Periodic
Amazon Web Services Region: All supported Amazon regions except US ISO West, US ISO East, Asia Pacific (Malaysia), US ISOB East, Canada West (Calgary) Region
Parameters:
- None
Amazon CloudFormation template
To create Amazon Config managed rules with Amazon CloudFormation templates, see Creating Amazon Config Managed Rules With Amazon CloudFormation Templates.