From 2c8432f6630818fbaac0e206181bcf712803efb2 Mon Sep 17 00:00:00 2001
From: Tim Smith <tim@mondoo.com>
Date: Wed, 11 Sep 2024 07:29:04 -0700
Subject: [PATCH] Update AWS policy to not use deprecated field (#434)

aws.rds.dbInstances is now just aws.rds.instances.

Signed-off-by: Tim Smith <tsmith84@gmail.com>
---
 core/mondoo-aws-security.mql.yaml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/core/mondoo-aws-security.mql.yaml b/core/mondoo-aws-security.mql.yaml
index 6c280541..59f93516 100644
--- a/core/mondoo-aws-security.mql.yaml
+++ b/core/mondoo-aws-security.mql.yaml
@@ -1939,8 +1939,8 @@ queries:
     filters: |
       asset.platform == "aws"
     mql: |
-      aws.rds.dbInstances.all(publiclyAccessible == false)
-      aws.rds.dbInstances
+      aws.rds.instances.all(publiclyAccessible == false)
+      aws.rds.instances
         .where(publiclyAccessible != false)
         .none(securityGroups.where(
           vpc.routeTables.where(
@@ -1977,13 +1977,13 @@ queries:
         3. Run this query:
 
         ```mql
-        aws.rds.dbInstances.where(publiclyAccessible == true) {arn name region dbInstanceIdentifier tags}
+        aws.rds.instances.where(publiclyAccessible == true) {arn name region dbInstanceIdentifier tags}
         ```
 
         Example output:
 
         ```mql
-        aws.rds.dbInstances.where: [
+        aws.rds.instances.where: [
           0: {
             arn: \"arn:aws:rds:us-moonbase-2:12345:db:rds-12345-mondoo-demo\"
             tags: {