Determine if the AWS Neptune database instances provisioned in your AWS account have the desired instance type established by your organization based on the workload deployed. Cloud Conformity provides you with the capability to define the desired database instance type based on your workload requirements upon enabling this rule.
This rule can help you with the following compliance standards:
This rule can help you work with the AWS Well-Architected Framework
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
Configuring limits for your Amazon Neptune instance types will help you address internal compliance requirements and prevent unexpected charges on your monthly AWS bill.
Note 1: You can also limit your Neptune database instances to the desired type using AWS Organizations service by implementing your own Service Control Policy on the master account. A Service Control Policy (SCP) is a type of policy that you can use to manage your AWS organization. SCPs enable you to restrict what resources, services and actions the users, groups, and roles in those AWS accounts can use.
Note 2: The desired Neptune instance type used as example in this conformity rule is db.r4.xlarge. To meet your own organizational requirements, you will need to configure this rule with your desired instance type, in the rule settings, on the Cloud Conformity account dashboard.
To determine if the Neptune database instances launched within your AWS account have the desired instance type, perform the following actions:
To limit the launch process for any future AWS Neptune database instances to a desired instance type, perform the following actions:Note: Creating a support case to request the necessary limitation using the AWS API via Command Line Interface (CLI) is not currently supported by Amazon Web Services.