id: rds-ri-payment-fail
info:
  name: RDS RI Payment Failure
  author: princechaddha
  severity: high
  description: |
    Identifies failed RDS Reserved Instance purchases due to payment failures, affecting potential cost savings.
  impact: |
    Prevents utilization of reserved instance discounts, potentially leading to higher operational costs.
  remediation: |
    Review the payment methods on file and retry the reservation purchase for RDS instances to secure discounted rates.
  reference:
    - https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithReservedDBInstances.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,rds,aws-cloud-config
variables:
  region: "ap-northeast-1"

flow: |
  code(1)
  for(let DBInstances of iterate(template.instances)){
    set("db", DBInstances)
    code(2)
  }

self-contained: true
code:
  - engine:
      - sh
      - bash
    source: |
      aws rds describe-reserved-db-instances --region $region --output json --query 'ReservedDBInstances[*].ReservedDBInstanceId'

    extractors:
      - type: json
        name: snapshots
        internal: true
        json:
          - '.[]'

  - engine:
      - sh
      - bash
    source: |
         aws rds describe-reserved-db-instances --region $region --reserved-db-instance-id $db --query 'ReservedDBInstances[*].State'

    matchers:
      - type: word
        words:
          - 'payment-failed'

    extractors:
      - type: dsl
        dsl:
          - '"RDS Reserved Instance purchase has failed for " + db'
# digest: 490a0046304402204a87e8dbc52f8aa2867a09fe762c4eace58048fadd793ae073b556f4814e4e50022013d99683b2f38021dd6593524fc114936c990879b36fe374fde999d9a7764d00:922c64590222798bb761d5b6d8e72950