Ensure that all Amazon RDS Reserved Instance (RI) purchases are reviewed every 7 days in order to confirm that no unwanted reservation purchase has been placed recently.
This rule can help you work with the AWS Well-Architected Framework.
This rule resolution is part of the Conformity Security & Compliance tool for AWS.
optimisation
By checking your RDS Reserved Instances on a regular basis you can detect and cancel any unwanted purchases placed within your AWS account and avoid unexpected charges on your AWS monthly bill.
Note: You can change the default threshold value (7 days) for the review time range within the rule settings available on the Cloud Conformity console.
Audit
To identify all active RDS RI purchases available in your AWS account for review purposes, perform the following:
Remediation / Resolution
Case A: Check the Cloudtrail service logs (if Amazon Cloudtrail is enabled) from the date when the RDS RI purchase request was placed to determine the request origin and context. To find and analyze the necessary AWS API logging data recorded by CloudTrail, perform the following actions:
Case B: Another way to mitigate unwanted RDS Reserved Instance purchase requests is to contact Amazon Web Services and ask for RI purchases cancellation. To create the necessary case through the AWS Support Center, perform the following:
Note: Requesting Amazon to cancel your unwanted RDS RI purchase requests using AWS Management Console or AWS API via Command Line Interface (CLI) is not currently supported.References
- AWS Documentation
- Amazon RDS Reserved Instances
- Working with Reserved DB Instances
- AWS Command Line Interface (CLI) Documentation
- rds
- describe-reserved-db-instances
- cloudtrail
- describe-trails
- s3api
- list-objects
- get-object