Ensure AWS DAX cluster endpoint uses TLS (Transport Layer Security)
Error: AWS DAX cluster endpoint does not use TLS (Transport Layer Security)
Bridgecrew Policy ID: BC_AWS_GENERAL_144
Checkov Check ID: CKV_AWS_239
Severity: LOW
Description
The Transport Layer Security (TLS) protocol secures transmission of data between servers and web browsers, over the Internet, using standard encryption technology. To follow security best practices and the latest PCI compliance standards, enable the latest version of the TLS protocol (i.e. TLS 1.2) for all your DAX servers.
Fix - Runtime
Fix - Buildtime
Terraform
resource "aws_dax_cluster" "pass" {
  cluster_name         = var.cluster_name
  iam_role_arn         = var.iam_role_arn
  parameter_group_name = aws_dax_parameter_group.example.name
  subnet_group_name    = aws_dax_subnet_group.example.name

  # TLS on the cluster endpoint; this is the attribute the check evaluates
  cluster_endpoint_encryption_type = "TLS"

  server_side_encryption {
    enabled = false # default is false
  }

  tags = { test = "Fail" }
}