- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
ID: terraform-aws/aws-kinesis-no-encryption
Language: Terraform
Severity: Warning
Category: Security
This rule is designed to ensure that encryption is enabled for your AWS Kinesis data streams. Encryption in transit is a vital security measure that protects your data from unauthorized access as it moves from one location to another. Without it, your sensitive data could be exposed to potential threats.
The importance of this rule cannot be overstated. In today’s digital landscape, data breaches are increasingly common and can have significant impacts on your organization’s reputation and bottom line. Therefore, enabling encryption for your Kinesis data streams is a crucial step in safeguarding your data.
To avoid violating this rule, ensure that you specify the encryption_type
attribute in your aws_kinesis_stream
resource block and set it to KMS
. This enables AWS Key Management Service (KMS) encryption for your data stream. An example of compliant code would be:
encryption_type = "KMS"
}```. By adhering to this practice, you can keep your data secure and maintain compliance with this Terraform static analysis rule.
## Non-Compliant Code Examples
```terraform
resource "aws_kinesis_stream" "mystream" {
}
resource "aws_kinesis_stream" "mystream" {
encryption_type = "NONE"
}
resource "aws_kinesis_stream" "mystream" {
encryption_type = "KMS"
}
|
|
For more information, please read the Code Security documentation
Identify code vulnerabilities directly in yourVS Code editor
Identify code vulnerabilities directly inJetBrains products