Description:
Deletion protection is a safety feature that prevents RDS instances from being deleted accidentally. When deletion protection is enabled, you cannot delete the RDS instance using the AWS Management Console, the AWS CLI, or the RDS API. This can help to prevent accidental deletion of important data.

Rationale:
Accidental deletion of RDS instances can have a significant impact on your business. If an RDS instance is deleted, you may lose important data and have to restore the instance from a backup. This can be a time-consuming and expensive process.

Impact:
Enabling deletion protection can help to prevent accidental deletion of RDS instances. This can help to protect your data and reduce the risk of downtime.

Default Value:
By default, deletion protection is enabled for RDS instances that are created with the AWS Management Console.

Pre-Requisite:

To enable deletion protection, you must have the following:

  • Access to the AWS Management Console
  • The ability to modify RDS instances

Remediation Steps:
To remediate an RDS instance that does not have deletion protection enabled, you can follow these steps:

  • Go to the AWS Management Console and open the RDS console.
  • In the navigation pane, select "Databases."
  • Select the RDS instance that you want to enable deletion protection for.
  • Click "Modify."
  • In the "Deletion protection" section, select the checkbox next to "Enable deletion protection."
  • Click "Continue" and then click "Modify DB instance."

Test Plan:
To test whether deletion protection is enabled for an RDS instance, you can follow these steps:

  • Go to the AWS Management Console and open the RDS console.
  • In the navigation pane, select "Databases."
  • Select the RDS instance that you want to test.
  • Check the "Deletion protection" column. If the value is "Enabled," then deletion protection is enabled for the instance.
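The check in the Test Plan and the change in the Remediation Steps can also be scripted against the RDS API. The following is an added example, not part of the original page: it assumes boto3 with credentials allowed to call `rds:DescribeDBInstances` and `rds:ModifyDBInstance`, and the instance names in the sample data are constructed. Members of a DB cluster are skipped on the assumption that their deletion protection is managed on the cluster rather than on the instance.

```python
import sys

# Constructed sample shaped like one page of rds.describe_db_instances() output.
SAMPLE_PAGE = {"DBInstances": [
    {"DBInstanceIdentifier": "orders-prod", "DBInstanceStatus": "available",
     "DeletionProtection": True},
    {"DBInstanceIdentifier": "reports-stg", "DBInstanceStatus": "available",
     "DeletionProtection": False},
    {"DBInstanceIdentifier": "legacy-old", "DBInstanceStatus": "deleting",
     "DeletionProtection": False},
    {"DBInstanceIdentifier": "aurora-node-1", "DBInstanceStatus": "available",
     "DBClusterIdentifier": "aurora-main", "DeletionProtection": False},
    {"DBInstanceIdentifier": "no-field", "DBInstanceStatus": "available"},
]}

def unprotected(pages):
    """Return sorted identifiers of instances lacking deletion protection."""
    found = []
    for page in pages:
        for db in page.get("DBInstances", []):
            if db.get("DBInstanceStatus") == "deleting":
                continue  # already going away, nothing left to protect
            if db.get("DBClusterIdentifier"):
                continue  # assumption: protection is set on the cluster
            # A missing field is treated as unprotected (fail closed).
            if not db.get("DeletionProtection", False):
                found.append(db["DBInstanceIdentifier"])
    return sorted(found)

def remediate(client, identifiers, dry_run=True):
    """Enable deletion protection; with dry_run only report the targets."""
    for ident in identifiers:
        if not dry_run:
            client.modify_db_instance(DBInstanceIdentifier=ident,
                                      DeletionProtection=True)
    return list(identifiers)

if __name__ == "__main__":
    import boto3  # imported here so the audit logic can be tested offline
    rds = boto3.client("rds")
    pages = rds.get_paginator("describe_db_instances").paginate()
    targets = unprotected(pages)
    apply_changes = "--apply" in sys.argv
    for ident in remediate(rds, targets, dry_run=not apply_changes):
        print(("enabled: " if apply_changes else "unprotected: ") + ident)
    # Non-zero exit when findings were only reported, so a scheduled job fails.
    sys.exit(1 if targets and not apply_changes else 0)
```

Run without arguments the script only lists findings; `--apply` is a flag defined by this example, not an AWS option.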

AWS Console Process:
To enable deletion protection for an RDS instance using the AWS Management Console, you can follow these steps:

  • Go to the AWS Management Console and open the RDS console.
  • In the navigation pane, select "Databases."
  • Select the RDS instance that you want to enable deletion protection for.
  • Click "Modify."
  • In the "Deletion protection" section, select the checkbox next to "Enable deletion protection."
  • Click "Continue" and then click "Modify DB instance."

Using AWS GUI:
To enable deletion protection for an RDS instance using the AWS GUI, you can follow these steps:

  • Open the AWS GUI.
  • In the navigation pane, select "RDS."
  • Select the RDS instance that you want to enable deletion protection for.
  • Click the "Deletion protection" tab.
  • Select the checkbox next to "Enable deletion protection."
  • Click "Save."

Backout Plan:
To back out of enabling deletion protection for an RDS instance, you can follow these steps:

  • Go to the AWS Management Console and open the RDS console.
  • In the navigation pane, select "Databases."
  • Select the RDS instance that you want to disable deletion protection for.
  • Click "Modify."
  • In the "Deletion protection" section, clear the checkbox next to "Enable deletion protection."
  • Click "Continue" and then click "Modify DB instance."


Reference:

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html

https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html