SNS Topic should have server-side encryption enabled

Docs > Plateforme de sécurité Datadog > OOTB Rules > SNS Topic should have server-side encryption enabled

Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

Description

Enable Server-Side Encryption for your AWS Simple Notification Service (SNS) topics.

Rationale

Server-Side Encryption (SSE) protects the data of published messages within your SNS topics, which can help adhere to compliance and regulatory requirements.

Remediation

From the console

Follow the Enabling server-side encryption (SSE) for an Amazon SNS topic docs to learn how to enable encryption from the AWS Management Console.

From the command line

Run set-topic-attributes with the ARN of the SNS topic and the KmsMasterKeyId.

set-topic-attributes.sh

aws sns set-topic-attributes
  --topic-arn arn:aws:sns:region:123456789012:YourTopic
  --attribute-name KmsMasterKeyId
  --attribute-value YourTopicDisplayName