Data protection

QLDB Ledger has deletion protection disabled

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

QLDB Ledgers are typically used to record sensitive information of an organization. Enabling Ledger deletion protection is an additional layer of protection against accidental database deletion or deletion by an unauthorized entity. It was detected that the QLDB Ledger {AwsQldbLedger} has deletion protection disabled.
  • Recommended Mitigation

    It is recommended to enable ledger deletion protection. You can change the ledger deletion protection state using the Amazon QLDB API, AWS Command Line Interface (AWS CLI), or Amazon QLDB console.