# rds-postgres-instance-encrypted-in-transit
<a name="rds-postgres-instance-encrypted-in-transit"></a>

Checks if connections to Amazon RDS PostgreSQL database instances are configured to use encryption in transit. The rule is NON\$1COMPLIANT if the associated database parameter group is not in-sync or if the rds.force\$1ssl parameter is not set to 1. 

**Note**  
The rule returns `NOT_APPLICABLE` if the Amazon RDS instance is part of an RDS cluster.

**Identifier:** RDS\$1POSTGRES\$1INSTANCE\$1ENCRYPTED\$1IN\$1TRANSIT

**Resource Types:** AWS::RDS::DBInstance

**Trigger type:** Periodic

**AWS Region:** All supported AWS regions except Asia Pacific (New Zealand), Asia Pacific (Thailand), Asia Pacific (Malaysia), Mexico (Central), Asia Pacific (Taipei), Canada West (Calgary) Region

**Parameters:**

None  

## AWS CloudFormation template
<a name="w2aac20c16c17b7e1265c19"></a>

To create AWS Config managed rules with AWS CloudFormation templates, see [Creating AWS Config Managed Rules With AWS CloudFormation Templates](aws-config-managed-rules-cloudformation-templates.md).