RDS clusters should have encryption at rest enabled

rds
이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Description

This check verifies RDS database clusters encrypt data at rest. Data at rest encompasses any information stored in persistent, non-volatile storage. Encryption is crucial for safeguarding the confidentiality of this data, mitigating the risk of unauthorized access. Ensuring your RDS database clusters are encrypted protects both your data and metadata from unauthorized access, as well as assists with adherence to compliance standards for encrypting data at rest in production file systems.

Remediation

To enable encryption at rest, configure it during the creation of an RDS database cluster, as encryption settings cannot be modified post-creation. For further guidance, refer to the Encrypting an Amazon Aurora DB cluster section in the Amazon Aurora User Guide.