feat(aws): Add new RDS check for deletion protection enabled on clusters

[danibarranqueroo]

Context

This new check will verify that deletion protection is enabled for Amazon RDS DB clusters. Enabling deletion protection provides a critical safeguard against accidental or unauthorized deletions, ensuring that the clusters cannot be removed without explicitly disabling this setting first.

When you try to create a new RDS database, there is an option in the additional configuration that allows you to enable deletion protection with the following description: "Protects the database from being deleted accidentally. While this option is enabled, you can’t delete the database." This check verifies that every DB cluster has this option enabled.

Description

I added rds_cluster_deletion_protection with its respective unit test.

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 89.11%. Comparing base (cb807e4) to head (e665361).
Report is 12 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #4738      +/-   ##
==========================================
+ Coverage   89.06%   89.11%   +0.04%     
==========================================
  Files         914      921       +7     
  Lines       27970    28140     +170     
==========================================
+ Hits        24912    25077     +165     
- Misses       3058     3063       +5     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[MrCloudSec]

Please, change the CLI command for the cluster one.

[MrCloudSec]

I think we should remove the cluster logic from the check rds_instance_deletion_protection, what do you think?

[danibarranqueroo]

Yes, good point. We can do it the same way we did in #4730

[MrCloudSec]

👏🏼