From 174f53ba2b9741f2078daa69648cff04880ce160 Mon Sep 17 00:00:00 2001
From: rajmohanty17
Date: Mon, 30 May 2022 16:37:02 +0530
Subject: [PATCH] Aurora - Deletion protection is at cluster level and not DB instance level - foundational security logic should be updated Closes #400
---
 query/rds/rds_db_instance_deletion_protection_enabled.sql | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/query/rds/rds_db_instance_deletion_protection_enabled.sql b/query/rds/rds_db_instance_deletion_protection_enabled.sql
index 7f881e11..134c8d67 100644
--- a/query/rds/rds_db_instance_deletion_protection_enabled.sql
+++ b/query/rds/rds_db_instance_deletion_protection_enabled.sql
@@ -2,10 +2,12 @@ select
 -- Required Columns
 arn as resource,
 case
+ when engine like any ( ARRAY['aurora%', 'docdb', 'neptune']) then 'skip'
 when deletion_protection then 'ok'
 else 'alarm'
 end status,
 case
+ when engine like any ( ARRAY['aurora%', 'docdb', 'neptune']) then title || ' is of ' || engine || ' cluster, deletion protection is set at cluster level.'
 when deletion_protection then title || ' deletion protection enabled.'
 else title || ' deletion protection not enabled.'
 end reason,
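Review bot: Returning `'skip'` for `aurora%`, `docdb` and `neptune` instances in the first `case` leaves their deletion protection unassessed unless a cluster-level control covers the same three engines. Nothing in this patch shows one, so confirm that coverage before merging, otherwise these databases silently drop out of the benchmark result. The engine list is written twice (status and reason branches) and can drift apart. A comment above the first branch would record the intent, for example `-- cluster-managed engines: deletion protection is evaluated on the cluster; keep this list identical in the reason branch`. The reason text would also read more clearly as `title || ' is a ' || engine || ' cluster member, deletion protection is set at cluster level.'`; the select statement starts before and continues past this hunk, so the `from` clause was not reviewed.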