From 9ffbd65f11121ffe4bc9ca4fb5b606e3c36d168a Mon Sep 17 00:00:00 2001 From: Khushboo <46913995+khushboo9024@users.noreply.github.com> Date: Wed, 27 Mar 2024 19:28:32 +0530 Subject: [PATCH 1/2] AWS extended support pricing for old RDS closes #170 (#174) --- controls/rds.sp | 39 ++++++++++++++++++++++++++++++++++++++- 1 file changed, 38 insertions(+), 1 deletion(-) diff --git a/controls/rds.sp b/controls/rds.sp index 1ea3927..adc0f24 100644 --- a/controls/rds.sp +++ b/controls/rds.sp @@ -43,7 +43,8 @@ benchmark "rds" { control.long_running_rds_db_instances, control.rds_db_instance_with_graviton, control.rds_db_low_connection_count, - control.rds_db_low_utilization + control.rds_db_low_utilization, + control.rds_mysql_postresql_db_no_unsupported_version ] tags = merge(local.rds_common_tags, { @@ -240,3 +241,39 @@ control "rds_db_instance_with_graviton" { EOQ } +control "rds_mysql_postresql_db_no_unsupported_version" { + title = "RDS MySQL and PostgreSQL DB instances with unsupported version should be reviewed" + description = "MySQL 5.7 and PostgreSQL 11 database instances running on Amazon Aurora and Amazon Relational Database Service (Amazon RDS) will be automatically enrolled into Amazon RDS Extended Support. This automatic enrollment may mean that you will experience higher charges when RDS Extended Support begins. You can avoid these charges by upgrading your database to a newer DB version." + severity = "low" + + tags = merge(local.rds_common_tags, { + class = "deprecated" + }) + + sql = <<-EOQ + select + arn as resource, + engine_version, + engine, + case + when not engine ilike any (array ['%mysql%', '%postgres%']) then 'skip' + when + (engine like '%mysql' and engine_version like '5.7.%' ) + or (engine like '%postgres%' and engine_version like '11.%') then 'alarm' + else 'ok' + end as status, + case + when not engine ilike any (array ['%mysql%', '%postgres%']) then title || ' is of ' || engine || ' engine type.' + when + (engine like '%mysql' and engine_version like '5.7.%' ) + or (engine like '%postgres%' and engine_version like '11.%') then title || ' is using RDS Extended Support.' + else title || ' is not using RDS Extended Support.' + end as reason + ${local.tag_dimensions_sql} + ${local.common_dimensions_sql} + from + aws_rds_db_instance; + EOQ +} + + From 87cccc2e1133afc81ea1ae56dc98a50df2e6d202 Mon Sep 17 00:00:00 2001 From: Khushboo <46913995+khushboo9024@users.noreply.github.com> Date: Wed, 27 Mar 2024 20:16:12 +0530 Subject: [PATCH 2/2] Add CHANGELOG for v0.29 (#175) --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2f42151..a95baff 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,10 @@ +## v0.29 [2024-03-27] + +_What's new?_ + +- New control added: + - `rds_mysql_postresql_db_no_unsupported_version` ([#174](https://github.com/turbot/steampipe-mod-aws-thrifty/pull/174)) + ## v0.28 [2024-04-06] _Powerpipe_