MSK clusters should be encrypted at rest

amazon-msk
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください

Description

MSK clusters should have at-rest encryption configured for data volumes. At-rest encryption protects stored data from unauthorized access and supports compliance requirements. Serverless MSK clusters are always encrypted and automatically pass this check.

Remediation

Create a new MSK cluster with at-rest encryption enabled. Existing provisioned clusters cannot have encryption changed after creation. For guidance, refer to Amazon MSK encryption.