🧠 AWS RDS Security Group Event Subscription for critical events is not configured - prod.logic.yaml🟢
- Contextual name: 🧠 prod.logic.yaml🟢
- ID:
/ce/ca/aws/rds/security-group-event-subscription/prod.logic.yaml - Tags:
Uses
Test Results 🟢
Generated at: 2026-02-07T12:02:42.465504157Z Open
| Result | Id | Condition Index | Condition Text | Runtime Error |
|---|---|---|---|---|
| 🟢 | 001 | ✔️ 199 | ✔️ CA10__AWS_RDS_Event_Subscriptions__r.has(COMPLIANT) | ✔️ null |
| 🟢 | 002 | ✔️ 200 | ✔️ otherwise | ✔️ null |
| 🟢 | 003 | ✔️ 200 | ✔️ otherwise | ✔️ null |
Generation Bundle
| File | MD5 | |
|---|---|---|
| Open | /ce/ca/aws/rds/security-group-event-subscription/policy.yaml | BD759A8B4CA3910B270571BE4D532E8F |
| Open | /ce/ca/aws/rds/security-group-event-subscription/prod.logic.yaml | D2F88120A7F255F298DC92CB036E7FF5 |
| Open | /ce/ca/aws/rds/security-group-event-subscription/test-data.json | 4A075BF6343ECC5A4976C609BB29704B |
| Open | /types/CA10__CaAwsDbEventSubscription__c/object.extracts.yaml | CFB79FB71BF9EF5147DA4CFCE1DE4747 |
Available Commands
repo-manager policies generate FULL /ce/ca/aws/rds/security-group-event-subscription/prod.logic.yaml
repo-manager policies generate DEBUG /ce/ca/aws/rds/security-group-event-subscription/prod.logic.yaml
repo-manager policies generate CAPTURE_TEST_DATA /ce/ca/aws/rds/security-group-event-subscription/prod.logic.yaml
repo-manager policies generate TESTS /ce/ca/aws/rds/security-group-event-subscription/prod.logic.yaml
# Execute tests
repo-manager policies test /ce/ca/aws/rds/security-group-event-subscription/prod.logic.yaml
Content
---
inputType: "CA10__CaAwsAccount__c"
testData:
- file: test-data.json
conditions:
- status: "COMPLIANT"
currentStateMessage: "The RDS Event Subscription for critical Security Group events is configured."
check:
RELATED_LIST_HAS:
relationshipName: "CA10__AWS_RDS_Event_Subscriptions__r"
status: "COMPLIANT"
otherwise:
status: "INCOMPLIANT"
currentStateMessage: "The RDS Event Subscription is not configured for critical Security Group events."
remediationMessage: "Configure Event Subscription for critical Security Group events."
relatedLists:
- relationshipName: "CA10__AWS_RDS_Event_Subscriptions__r"
importExtracts:
- file: /types/CA10__CaAwsDbEventSubscription__c/object.extracts.yaml
conditions:
- status: "INAPPLICABLE"
currentStateMessage: "This is not an active Security Group Event Subscription."
check:
NOT:
arg:
AND:
args:
- IS_EQUAL:
left:
EXTRACT: "CA10__enabled__c"
right:
BOOLEAN: true
- IS_EQUAL:
left:
EXTRACT: "CA10__sourceType__c"
right:
TEXT: 'db-security-group'
- status: "COMPLIANT"
currentStateMessage: "This is an Event Subscription for critical Security Group Events."
check:
CONTAINS_ALL:
arg:
EXTRACT: "CA10__eventCategories__c"
search:
LIST:
itemType: TEXT
items: ["configuration change", "failure"]
otherwise:
status: "INCOMPLIANT"
currentStateMessage: "This is an Event Subscription for non-critical Security Group Events."