| ๐ผ [RDS.1] RDS snapshot should be private | | 1 | 1 | |
| ๐ผ [RDS.2] RDS DB Instances should prohibit public access, as determined by the PubliclyAccessible configuration | | 1 | 1 | |
| ๐ผ [RDS.3] RDS DB instances should have encryption at-rest enabled | | 1 | 1 | |
| ๐ผ [RDS.4] RDS cluster snapshots and database snapshots should be encrypted at rest | | | | |
| ๐ผ [RDS.5] RDS DB instances should be configured with multiple Availability Zones | | 1 | 1 | |
| ๐ผ [RDS.6] Enhanced monitoring should be configured for RDS DB instances | | | | |
| ๐ผ [RDS.7] RDS clusters should have deletion protection enabled | | | | |
| ๐ผ [RDS.8] RDS DB instances should have deletion protection enabled | | | | |
| ๐ผ [RDS.9] RDS DB instances should publish logs to CloudWatch Logs | | | | |
| ๐ผ [RDS.10] IAM authentication should be configured for RDS instances | | | | |
| ๐ผ [RDS.11] RDS instances should have automatic backups enabled | | | | |
| ๐ผ [RDS.12] IAM authentication should be configured for RDS clusters | | | | |
| ๐ผ [RDS.13] RDS automatic minor version upgrades should be enabled | | 1 | 1 | |
| ๐ผ [RDS.14] Amazon Aurora clusters should have backtracking enabled | | | | |
| ๐ผ [RDS.15] RDS DB clusters should be configured for multiple Availability Zones | | | | |
| ๐ผ [RDS.16] RDS DB clusters should be configured to copy tags to snapshots | | | | |
| ๐ผ [RDS.17] RDS DB instances should be configured to copy tags to snapshots | | | | |
| ๐ผ [RDS.18] RDS instances should be deployed in a VPC | | | | |
| ๐ผ [RDS.19] Existing RDS event notification subscriptions should be configured for critical cluster events | | | | |
| ๐ผ [RDS.20] Existing RDS event notification subscriptions should be configured for critical database instance events | | | | |
| ๐ผ [RDS.21] An RDS event notifications subscription should be configured for critical database parameter group events | | | | |
| ๐ผ [RDS.22] An RDS event notifications subscription should be configured for critical database security group events | | | | |
| ๐ผ [RDS.23] RDS instances should not use a database engine default port | | 1 | 1 | |
| ๐ผ [RDS.24] RDS Database clusters should use a custom administrator username | | | | |
| ๐ผ [RDS.25] RDS database instances should use a custom administrator username | | | | |
| ๐ผ [RDS.27] RDS DB clusters should be encrypted at rest | | | | |
| ๐ผ [RDS.34] Aurora MySQL DB clusters should publish audit logs to CloudWatch Logs | | | | |
| ๐ผ [RDS.35] RDS DB clusters should have automatic minor version upgrade enabled | | | | |
| ๐ผ [RDS.36] RDS for PostgreSQL DB instances should publish logs to CloudWatch Logs | | | | |
| ๐ผ [RDS.37] Aurora PostgreSQL DB clusters should publish logs to CloudWatch Logs | | | | |
| ๐ผ [RDS.40] RDS for SQL Server DB instances should publish logs to CloudWatch Logs | | | | |