diff --git a/cfngoat.yaml b/cfngoat.yaml
index 7e80f9a8..a2c7990c 100644
--- a/cfngoat.yaml
+++ b/cfngoat.yaml
@@ -259,6 +259,7 @@ Resources:
             AWS: !Sub arn:aws:iam::${AWS::AccountId}:root
           Action: kms:*
           Resource: '*'
+      EnableKeyRotation: True
 
   LogsKeyAlias:
     Type: AWS::KMS::Alias
@@ -290,15 +291,13 @@ Resources:
       MasterUserPassword: !Ref Password
       MultiAZ: False
       BackupRetentionPeriod: 0 
-      StorageEncrypted: False
+      StorageEncrypted: True
       MonitoringInterval: 0 
-      PubliclyAccessible: True
       Tags:
         - Key: Name
           Value: !Sub "${AWS::AccountId}-${CompanyName}-${Environment}-rds"
         - Key: Environment
           Value: !Sub "${AWS::AccountId}-${CompanyName}-${Environment}"
-
   DefaultDBOptionGroup:
     Type: AWS::RDS::OptionGroup
     Properties: 
@@ -310,7 +309,6 @@ Resources:
           Value: !Sub "og-${AWS::AccountId}-${CompanyName}-${Environment}"
         - Key: Environment
           Value: !Sub "${AWS::AccountId}-${CompanyName}-${Environment}"
-
   DefaultDBParameterGroup:
     Type: AWS::RDS::DBParameterGroup
     Properties: