diff --git a/aws/policy/data-services.yaml b/aws/policy/data-services.yaml
index fd140a04..31d9d5ad 100644
--- a/aws/policy/data-services.yaml
+++ b/aws/policy/data-services.yaml
@@ -73,6 +73,10 @@ Statement:
       - rds:ModifyDBParameterGroup
       - rds:ModifyDBSubnetGroup
       - rds:RemoveTagsFromResource
+      - rds:DescribeOptionGroups
+      - rds:CreateOptionGroup
+      - rds:ModifyOptionGroup
+      - rds:DeleteOptionGroup
     Resource:
       - 'arn:aws:dms:{{ aws_region }}:{{ aws_account_id }}:subgrp:*'
       - 'arn:aws:dynamodb:{{ aws_region }}:{{ aws_account_id }}:table/*'
@@ -85,6 +89,7 @@ Statement:
       - 'arn:aws:rds:{{ aws_region }}:{{ aws_account_id }}:subgrp:*'
       - 'arn:aws:rds:{{ aws_region }}:{{ aws_account_id }}:cluster:*'
       - 'arn:aws:rds:{{ aws_region }}:{{ aws_account_id }}:pg:*'
+      - 'arn:aws:rds:{{ aws_region }}:{{ aws_account_id }}:og:*'
   - Sid: AllowGlobalRestrictedResourceActionsWhichIncurFees
     Effect: Allow
     Action:
diff --git a/aws/terminator/data_services.py b/aws/terminator/data_services.py
index bbfc05f6..73417c52 100644
--- a/aws/terminator/data_services.py
+++ b/aws/terminator/data_services.py
@@ -183,6 +183,27 @@ def terminate(self):
         self.client.delete_cluster(ClusterIdentifier=self.id, SkipFinalClusterSnapshot=True)
 
 
+class RdsOptionGroup(DbTerminator):
+    @staticmethod
+    def create(credentials):
+        return Terminator._create(credentials, RdsOptionGroup, 'rds', lambda client: client.describe_option_groups()['OptionGroupsList'])
+
+    @property
+    def id(self):
+        return self.instance['OptionGroupArn']
+
+    @property
+    def name(self):
+        return self.instance['OptionGroupName']
+
+    @property
+    def ignore(self):
+        return self.name.startswith('default')
+
+    def terminate(self):
+        self.client.delete_option_group(OptionGroupName=self.name)
+
+
 class KafkaConfiguration(Terminator):
     @staticmethod
     def create(credentials):