Ensure AWS MemoryDB data is encrypted in transit
Error: AWS MemoryDB data is not encrypted in transit
Bridgecrew Policy ID: BC_AWS_GENERAL_164
Checkov Check ID: CKV_AWS_202
Severity: LOW
AWS MemoryDB data is not encrypted in transit
Description
This policy identifies AWS MemoryDB clusters that have in-transit data encryption disabled. It is recommended that these resources be configured with in-transit data encryption to minimize the risk of sensitive data being leaked.
Fix - Runtime
Fix - Buildtime
Terraform
resource "aws_memorydb_cluster" "pass2" {
  acl_name                 = "open-access"
  name                     = "my-cluster"
  node_type                = "db.t4g.small"
  num_shards               = 2
  security_group_ids       = [aws_security_group.example.id]
  snapshot_retention_limit = 7
  subnet_group_name        = aws_memorydb_subnet_group.example.id
  # Enables in-transit (TLS) encryption for the cluster
  tls_enabled              = true
}