Ensure RDS global clusters are encrypted

Error: Unencrypted RDS global clusters

Bridgecrew Policy ID: BC_AWS_GENERAL_54
Checkov Check ID: CKV_AWS_140
Severity: LOW

Unencrypted RDS global clusters

Description

Encrypting your RDS global clusters helps protect your data from unauthorized access or tampering. That way, you can ensure that only authorized users can access and modify the contents of your repositories. Such action can help protect against external threats such as hackers or malware, as well as internal threats such as accidental or unauthorized access.

Fix - Buildtime

Terraform

  • Resource: aws_rds_global_cluster
  • Argument: storage_encrypted
resource "aws_rds_global_cluster" "example" {
  ...
+ storage_encrypted         = true
}