Checks whether SSL encryption is enabled for an ApsaraDB RDS instance.
Scenario
Enable SSL encryption for RDS instances and install CA-issued SSL certificates on your application services to secure data in transmission.
Risk level
Default risk level: medium.
You can change the risk level when you apply this rule.
Compliance evaluation logic
- If SSL encryption is enabled for the ApsaraDB RDS instance, the instance is compliant.
- If SSL encryption is not enabled for the ApsaraDB RDS instance, the instance is non-compliant. Follow the Non-compliance remediation procedure to fix this.
Rule details
| Item | Description |
| Rule name | rds-instance-enabled-ssl |
| Rule ID | rds-instance-enabled-ssl |
| Tag | RDS |
| Automatic remediation | Not supported |
| Trigger type | Configuration change |
| Supported resource type | ApsaraDB RDS instance |
| Input parameter | None |
Non-compliance remediation
Configure SSL encryption for the ApsaraDB RDS instance. For more information, see Enable SSL with a cloud certificate.
该文章对您有帮助吗?