MSK clusters should be encrypted at rest

amazon-msk
Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

Description

MSK clusters should have at-rest encryption configured for data volumes. At-rest encryption protects stored data from unauthorized access and supports compliance requirements. Serverless MSK clusters are always encrypted and automatically pass this check.

Remediation

Create a new MSK cluster with at-rest encryption enabled. Existing provisioned clusters cannot have encryption changed after creation. For guidance, refer to Amazon MSK encryption.