Ensure only encrypted EBS volumes are attached to EC2 instances
Error: Not only encrypted EBS volumes are attached to EC2 instances
Bridgecrew Policy ID: BC_AWS_GENERAL_60
Checkov Check ID: CKV2_AWS_2
Severity: LOW
Description
TBA
Fix - Buildtime
Terraform
- Resource: aws_volume_attachment, aws_instance, aws_ebs_volume
- Argument: volume_id and instance_id of aws_volume_attachment
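```hcl
resource "aws_instance" "web" {
  ami               = "ami-21f78e11"
  availability_zone = "us-west-2a"
  instance_type     = "t2.micro"

  tags = {
    Name = "HelloWorld"
  }
}

# volume_id and instance_id are the arguments the check evaluates.
resource "aws_volume_attachment" "ok_attachment1" {
  device_name = "/dev/sdh3"
  volume_id   = aws_ebs_volume.ok_ebs2.id
  instance_id = aws_instance.web.id
}

resource "aws_ebs_volume" "ok_ebs2" {
  availability_zone = "us-west-2a" # must match the instance's availability zone
  size              = 8            # GiB; example value, a volume needs size or snapshot_id
  encrypted         = true         # the attached volume is encrypted
}
```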
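The same relationship can be checked outside Checkov. The following Python script is an added example, not Checkov's or Bridgecrew's implementation: it walks the `configuration` section of `terraform show -json` plan output and reports every `aws_volume_attachment` whose referenced `aws_ebs_volume` does not set a literal `encrypted = true`. It assumes all resources live in the root module; the `bad_ebs` and `bad_attachment` resources are constructed sample data.

```python
import json

# Constructed sample: trimmed "configuration" section of `terraform show -json` output.
SAMPLE_PLAN = json.loads("""
{"configuration": {"root_module": {"resources": [
  {"address": "aws_instance.web", "type": "aws_instance", "expressions": {}},
  {"address": "aws_ebs_volume.ok_ebs2", "type": "aws_ebs_volume",
   "expressions": {"encrypted": {"constant_value": true}}},
  {"address": "aws_ebs_volume.bad_ebs", "type": "aws_ebs_volume",
   "expressions": {"size": {"constant_value": 8}}},
  {"address": "aws_volume_attachment.ok_attachment1", "type": "aws_volume_attachment",
   "expressions": {"volume_id": {"references": ["aws_ebs_volume.ok_ebs2.id", "aws_ebs_volume.ok_ebs2"]},
                   "instance_id": {"references": ["aws_instance.web.id", "aws_instance.web"]}}},
  {"address": "aws_volume_attachment.bad_attachment", "type": "aws_volume_attachment",
   "expressions": {"volume_id": {"references": ["aws_ebs_volume.bad_ebs.id", "aws_ebs_volume.bad_ebs"]},
                   "instance_id": {"references": ["aws_instance.web.id", "aws_instance.web"]}}}
]}}}
""")


def referenced(expr, by_address, wanted_type):
    """Addresses of wanted_type resources named in an expression's references."""
    return sorted({addr for ref in expr.get("references", [])
                   for addr, res in by_address.items()
                   if res["type"] == wanted_type and (ref == addr or ref.startswith(addr + "."))})


def unencrypted_attachments(plan):
    """Return (attachment, volume, instances) for attached volumes lacking encrypted = true."""
    resources = plan["configuration"]["root_module"].get("resources", [])  # root module only
    by_address = {r["address"]: r for r in resources}
    findings = []
    for res in resources:
        if res["type"] != "aws_volume_attachment":
            continue
        exprs = res.get("expressions", {})
        instances = referenced(exprs.get("instance_id", {}), by_address, "aws_instance")
        for vol in referenced(exprs.get("volume_id", {}), by_address, "aws_ebs_volume"):
            enc = by_address[vol].get("expressions", {}).get("encrypted", {})
            # Only a literal true passes; a missing, false or computed value is reported.
            if enc.get("constant_value") is not True:
                findings.append((res["address"], vol, ", ".join(instances)))
    return findings


if __name__ == "__main__":
    for attachment, volume, instances in unencrypted_attachments(SAMPLE_PLAN):
        print(f"FAIL {attachment}: {volume} attached to {instances} without encrypted = true")
```

A volume whose `encrypted` argument comes from a variable or expression is reported as well, because its value cannot be confirmed from the configuration alone.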