turbot/aws_compliance

Query: rds_db_instance_logging_enabled

Usage

powerpipe query aws_compliance.query.rds_db_instance_logging_enabled

Steampipe Tables

SQL

select
arn as resource,
case
when engine = 'docdb' then 'skip'
when engine like any (array ['mariadb', '%mysql']) and enabled_cloudwatch_logs_exports ?& array ['audit','error','general','slowquery'] then 'ok'
when engine like any (array['%postgres%']) and enabled_cloudwatch_logs_exports ?& array ['postgresql','upgrade'] then 'ok'
when engine like 'oracle%' and enabled_cloudwatch_logs_exports ?& array ['alert','audit', 'trace','listener'] then 'ok'
when engine = 'sqlserver-ex' and enabled_cloudwatch_logs_exports ?& array ['error'] then 'ok'
when engine like 'sqlserver%' and enabled_cloudwatch_logs_exports ?& array ['error','agent'] then 'ok'
else 'alarm'
end as status,
case
when engine = 'docdb' then title || ' is docdb instance.'
when engine like any (array ['mariadb', '%mysql']) and enabled_cloudwatch_logs_exports ?& array ['audit','error','general','slowquery']
then title || ' ' || engine || ' logging enabled.'
when engine like any (array['%postgres%']) and enabled_cloudwatch_logs_exports ?& array ['postgresql','upgrade']
then title || ' ' || engine || ' logging enabled.'
when engine like 'oracle%' and enabled_cloudwatch_logs_exports ?& array ['alert','audit', 'trace','listener']
then title || ' ' || engine || ' logging enabled.'
when engine = 'sqlserver-ex' and enabled_cloudwatch_logs_exports ?& array ['error']
then title || ' ' || engine || ' logging enabled.'
when engine like 'sqlserver%' and enabled_cloudwatch_logs_exports ?& array ['error','agent']
then title || ' ' || engine || ' logging enabled.'
else title || ' logging not enabled.'
end as reason
, region, account_id
from
aws_rds_db_instance;

Controls

The query is being used by the following controls: