Remove DocDB checks & a duplicate deletion protection check

2024-08-10 06:11:38 +00:00 · 2024-08-10 06:11:38 +00:00 · 12e87173dd
commit 12e87173dd
parent bc9cd3574f
4 changed files with 0 additions and 73 deletions
--- a/bp-base.json
+++ b/bp-base.json
@ -100,10 +100,6 @@
        "enabled": true,
        "level": 2
      },
-      "rds-instance-deletion-protection-enabled": {
-        "enabled": true,
-        "level": 1
-      },
      "rds-instance-public-access-check": {
        "enabled": true,
        "level": 2
@ -240,27 +236,6 @@
      }
    }
  },
-  "DocDB": {
-    "enabled": true,
-    "rules": {
-      "docdb-cluster-audit-logging-enabled": {
-        "enabled": true,
-        "level": 2
-      },
-      "docdb-cluster-backup-retention-check": {
-        "enabled": true,
-        "level": 2
-      },
-      "docdb-cluster-deletion-protection-enabled": {
-        "enabled": true,
-        "level": 1
-      },
-      "docdb-cluster-encrypted": {
-        "enabled": true,
-        "level": 2
-      }
-    }
-  },
  "DynamoDB": {
    "enabled": true,
    "rules": {
--- a/services/init.py
+++ b/services/init.py
@ -8,7 +8,6 @@ from . import (
    kms,
    codeseries,
    cloudwatch,
-    docdb,
    dynamodb,
    ecr,
    ecs,
--- a/services/docdb.py
+++ b/services/docdb.py
@ -1,29 +0,0 @@
-from models import RuleCheckResult
-import boto3
-
-
-# client = boto3.client("")
-
-
-def docdb_cluster_audit_logging_enabled():
-    return RuleCheckResult(
-        passed=False, compliant_resources=[], non_compliant_resources=[]
-    )
-
-
-def docdb_cluster_backup_retention_check():
-    return RuleCheckResult(
-        passed=False, compliant_resources=[], non_compliant_resources=[]
-    )
-
-
-def docdb_cluster_deletion_protection_enabled():
-    return RuleCheckResult(
-        passed=False, compliant_resources=[], non_compliant_resources=[]
-    )
-
-
-def docdb_cluster_encrypted():
-    return RuleCheckResult(
-        passed=False, compliant_resources=[], non_compliant_resources=[]
-    )
--- a/services/rds.py
+++ b/services/rds.py
@ -217,24 +217,6 @@ def rds_enhanced_monitoring_enabled():
    )


-def rds_instance_deletion_protection_enabled():
-    compliant_resources = []
-    non_compliant_resources = []
-    instances = client.describe_db_instances()["DBInstances"]
-
-    for instance in instances:
-        if instance.get("DeletionProtection", False) != False:
-            compliant_resources.append(instance["DBInstanceArn"])
-        else:
-            non_compliant_resources.append(instance["DBInstanceArn"])
-
-    return RuleCheckResult(
-        passed=not non_compliant_resources,
-        compliant_resources=compliant_resources,
-        non_compliant_resources=non_compliant_resources,
-    )
-
-
 def rds_instance_public_access_check():
    compliant_resources = []
    non_compliant_resources = []