ECS services must have volume encryption for mounted EFS volumes

ecs
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください

Description

ECS services that mount EFS volumes should ensure that all mounted EFS file systems have encryption enabled to protect data at rest.

Remediation

Enable encryption on all EFS file systems mounted by ECS services by setting the encrypted parameter to true when creating the EFS file system, and optionally specify a KMS key for encryption. Refer to the Encryption best practices for Amazon ECS.