- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
ID: terraform-aws/aws-sns-topic-encryption
Language: Terraform
Severity: Warning
Category: Security
This rule checks that all Simple Notification Service (SNS) topics created in your Terraform scripts are encrypted using a Key Management Service (KMS) key. SNS is a web service that coordinates and manages the delivery or sending of messages to subscribing endpoints or clients. As such, it is crucial to ensure that all messages sent via SNS topics are encrypted to protect sensitive data from unauthorized access.
Encryption is an essential step in securing your AWS SNS topics. Without encryption, any data sent through your SNS topics is vulnerable to interception and unauthorized access. This can lead to data breaches and non-compliance with data protection regulations.
To avoid violating this rule, ensure that you specify a kms_master_key_id
for each aws_sns_topic
in your Terraform scripts. This key ID should reference a valid AWS KMS key that you have permissions to use. By doing so, you ensure that all messages sent through your SNS topics are encrypted using the specified KMS key. This is a best practice for maintaining the security and integrity of your data.
resource "aws_sns_topic" "default" {
name = "example"
}
resource "aws_sns_topic" "default" {
name = "example"
kms_master_key_id = "aws_kms_key.arn"
}
|
|
For more information, please read the Code Analysis documentation
Identify code vulnerabilities directly in yourVS Code editor
Identify code vulnerabilities directly inJetBrains products