From 69e0392a8bfd84f74497c216e3bb4b87630bb528 Mon Sep 17 00:00:00 2001
From: Sergio Garcia <38561120+sergargar@users.noreply.github.com>
Date: Thu, 20 Apr 2023 14:28:12 +0200
Subject: [PATCH] fix(rds): exclude Aurora in rds_instance_transport_encrypted
 check (#2245)

---
 .../rds_instance_transport_encrypted.py                    | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/prowler/providers/aws/services/rds/rds_instance_transport_encrypted/rds_instance_transport_encrypted.py b/prowler/providers/aws/services/rds/rds_instance_transport_encrypted/rds_instance_transport_encrypted.py
index a91c2f3e..a18b5005 100644
--- a/prowler/providers/aws/services/rds/rds_instance_transport_encrypted/rds_instance_transport_encrypted.py
+++ b/prowler/providers/aws/services/rds/rds_instance_transport_encrypted/rds_instance_transport_encrypted.py
@@ -14,8 +14,11 @@ class rds_instance_transport_encrypted(Check):
             report.status_extended = (
                 f"RDS Instance {db_instance.id} connections are not encrypted."
             )
-            # Check only RDS SQL Server or PostgreSQL engines
-            if any(engine in db_instance.engine for engine in supported_engines):
+            # Check only RDS SQL Server or PostgreSQL engines (Aurora not supported)
+            if (
+                any(engine in db_instance.engine for engine in supported_engines)
+                and "aurora" not in db_instance.engine
+            ):
                 for parameter in db_instance.parameters:
                     if (
                         parameter["ParameterName"] == "rds.force_ssl"