Trying to run trusted advisor recommendations from CLI. is there a way to get trusted-advisor-checks against a single resource (ie. an RDS instance)? I seem to be able to pull all trust-advisor-recommendations for the account but theres no filter for resource-id (or ARN).

aws support describe-trusted-advisor-checks  \
  --profile ${account_profile}  \
  --language en  \
  | jq -r  ".checks[] | \"$account_profile,\(.id),\(.name),\(.category),\(.metadata)\" "

## sample output:
account123456,nNauJivDiT,Amazon RDS Security Group Access Risk,security,["Region","RDS Security Group Name","Ingress Rule","Status","Reason"]

^^^ there's a

check-id

but nothing else tying the check to a resource.

Did you manage to resolve this ?

My call with aws support seemed to find that there's no way to find trusted-advisor-recommendations per resource, only by the trusted-advisor-check. Ultimately, I'm trying to setup a database health/scorecard. So presumably, each DB would have either all green TA checks (100% happy), or some yellow/red results against it (meaning <100%, or lower score).