Data Ops

Database configuration auditing, backup compliance, data residency checks, and DB access controls. Currently in Beta.

Beta

Data Ops skills are in Beta. Expected GA: Q3 2026.

What it covers

Skill	What it detects	Output
RDS configuration audit	Encryption at rest/in transit, public accessibility, deletion protection	Finding
Backup compliance	RDS automated backups disabled, backup retention < required days	Finding
Data residency	Resources storing data outside approved regions	Finding
DB access controls	RDS security groups, parameter groups, IAM database auth	Report
Multi-AZ compliance	Production RDS without Multi-AZ enabled	Finding

Example prompts

Which RDS instances don't have encryption at rest enabled?

Are any of my databases publicly accessible?

Which production RDS instances lack Multi-AZ?

Show me all databases with backup retention under 7 days

Are any databases storing data outside approved regions?

Required permissions

json

"rds:DescribeDBInstances",
"rds:DescribeDBClusters",
"rds:DescribeDBSnapshots",
"rds:ListTagsForResource",
"rds:DescribeDBParameterGroups",
"rds:DescribeDBSubnetGroups"

Next steps

Compliance Ops — Data residency and encryption feed GDPR and HIPAA controls
SecOps — Network-level database exposure

Data Ops ​

What it covers ​

Example prompts ​

Required permissions ​

Next steps ​

Data Ops

What it covers

Example prompts

Required permissions

Next steps