Ensure AWS copied AMIs are encrypted

Error: AWS copied AMIs are not encrypted

Bridgecrew Policy ID: BC_AWS_GENERAL_157
Checkov Check ID: CKV_AWS_235
Severity: LOW

AWS copied AMIs are not encrypted

Description

As a best practice enable encryption for your AWS copied AMIs to improve data security without making changes to your business or applications.

Fix - Runtime

Fix - Buildtime

Terraform

resource "aws_ami_copy" "pass" {
  name              = "terraform-example"
  description       = "A copy of ami-xxxxxxxx"
  source_ami_id     = "ami-xxxxxxxx"
  source_ami_region = "us-west-1"
  encrypted         = true
  tags = {
    Name = "HelloWorld"
    test = "failed"
  }
}

Updated 12 months ago