Ensure that Timestream database is encrypted with KMS CMK

Error: Timestream database is not encrypted with KMS CMK

Bridgecrew Policy ID: BC_AWS_GENERAL_87
Checkov Check ID: CKV_AWS_160
Severity: MEDIUM

Timestream database is not encrypted with KMS CMK

Description

TBD

Fix - Buildtime

Terraform

  • Resource: aws_timestreamwrite_database
  • Argument: kms_key_id
resource "aws_timestreamwrite_database" "test" {
    ...
+ kms_key_id = var.kms_key_id
}

CloudFormation

  • Resource: AWS::Timestream::Database
  • Argument: Properties.KmsKeyId
Type: AWS::Timestream::Database
    Properties:
      ...
+     KmsKeyId: kms-key-id

Did this page help you?