Version Check for RDS Instance Engines

Rule Details

**Table 1** Rule details
Parameter	Description
Rule Name	rds-instance-engine-version-check
Identifier	instance-engine-version-check
Description	If the version of an RDS instance engine is lower than the specified version, this instance is non-compliant.
Tag	rds
Trigger Type	Configuration change
Filter Type	rds.instances
Rule Parameters	mysqlVersion: version of the MySQL database engine, for example, 8.0.28 postgresqlVersion: version of the PostgreSQL database engine, for example, 16.4 mariadbVersion: version of the MariaDB database engine, for example, 10.5 sqlserverVersion: version of the SQL Server database engine, for example, 2017

Application Scenarios

New versions generally fix the security vulnerabilities found in earlier versions to prevent potential attacks. You are advised to use the latest database version.

Solution

Please upgrade your database engine to the specified version or higher based on its type.

Rule Logic

If the MySQL version of an RDS instance is earlier than mysqlVersion, this instance is non-compliant.
If the MySQL version of an RDS instance is mysqlVersion or later, this instance is compliant.
If the PostgreSQL version of an RDS instance is earlier than postgresqlVersion, this instance is non-compliant.
If the PostgreSQL version of an RDS instance is postgresqlVersion or later, this instance is compliant.
If the MariaDB version of an RDS instance is earlier than mariadbVersion, this instance is non-compliant.
If the MariaDB version of an RDS instance is mariadbVersion or later, this instance is compliant.
If the SQL Server version of an RDS instance is earlier than sqlserverVersion, this instance is non-compliant.
If the SQL Server version of an RDS instance is sqlserverVersion or later, this instance is compliant.