dms-endpoint-ssl-configured - AWS Config

dms-endpoint-ssl-configured

Checks if AWS Database Migration Service (AWS DMS) endpoints are configured with an SSL connection. The rule is NON_COMPLIANT if AWS DMS does not have an SSL connection configured.

Context: SSL/TLS connections provide one layer of security by encrypting data that moves between your client and a DB instance. Using a server certificate provides an extra layer of security by validating that the connection is being made to an Amazon RDS DB instance. It does so by checking the server certificate that is automatically installed on all DB instances that you provision. By enabling an SSL connection on AWS DMS, you protect the confidentiality of the data during the migration.

To configure an SSL connection for AWS DMS, see Using SSL/TLS to encrypt a connection to a DB instance or cluster in the Amazon Relational Database Service User Guide.

Identifier: DMS_ENDPOINT_SSL_CONFIGURED

Resource Types: AWS::DMS::Endpoint

Trigger type: Configuration changes

AWS Region: All supported AWS regions

Parameters:

None

AWS CloudFormation template

To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.
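The template below is an added example, not a template published by AWS. It deploys this managed rule scoped to `AWS::DMS::Endpoint` together with one endpoint that sets an SSL mode. The logical IDs, parameter names and sample database name are hypothetical, and it assumes a configuration recorder is already running and a CA certificate has already been imported into AWS DMS.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: >-
  Added example: dms-endpoint-ssl-configured managed rule plus one DMS
  endpoint with SSL enabled. Logical IDs and parameters are hypothetical.

Parameters:
  ServerName:
    Type: String
  DbUsername:
    Type: String
  DbPassword:
    Type: String
    NoEcho: true          # keep the password out of console and API output
  CaCertificateArn:
    Type: String
    Description: ARN of a CA certificate already imported into AWS DMS

Resources:
  # The managed rule from this page. It takes no parameters and evaluates
  # on configuration changes to DMS endpoints.
  DmsEndpointSslRule:
    Type: AWS::Config::ConfigRule
    Properties:
      ConfigRuleName: dms-endpoint-ssl-configured
      Source:
        Owner: AWS
        SourceIdentifier: DMS_ENDPOINT_SSL_CONFIGURED
      Scope:
        ComplianceResourceTypes:
          - AWS::DMS::Endpoint

  SourceEndpoint:
    Type: AWS::DMS::Endpoint
    Properties:
      EndpointType: source
      EngineName: postgres
      ServerName: !Ref ServerName
      Port: 5432
      DatabaseName: appdb   # constructed sample value
      Username: !Ref DbUsername
      Password: !Ref DbPassword
      # SslMode defaults to "none" when omitted, which is the state this rule
      # is assumed to flag. "require" encrypts without checking the CA;
      # "verify-ca" and "verify-full" also validate the server certificate.
      SslMode: verify-full
      CertificateArn: !Ref CaCertificateArn
```

Supported `SslMode` values vary by database engine, so check the engine's AWS DMS endpoint documentation before choosing `verify-ca` or `verify-full`.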