AWS EBS default encryption disabled

Docs > Plateforme de sécurité Datadog > OOTB Rules > AWS EBS default encryption disabled

Classification:

compliance

Framework:

cis-aws

Control:

2.2.1

Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

Goal

Detect when an EBS encryption is disabled by default.

Strategy

Monitor CloudTrail and detect when EBS encryption is disabled by default via the following API call:

DisableEbsEncryptionByDefault

Triage and response

Determine which user in your organization owns the API key that made this API call.
Contact the user and let them know that it is best practice to enable EBS encryption by default.
Re-enable EBS encryption by default.

For more information about Amazon EBS Encryption, check out the Amazon EBS Encryption documentation.

Changelog

18 March 2022 - Rule query and severity updated.
16 November 2022 - Rule query updated.