ECS services must have volume encryption for mounted EFS volumes

ecs
이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Description

ECS services that mount EFS volumes should ensure that all mounted EFS file systems have encryption enabled to protect data at rest.

Remediation

Enable encryption on all EFS file systems mounted by ECS services by setting the encrypted parameter to true when creating the EFS file system, and optionally specify a KMS key for encryption. Refer to the Encryption best practices for Amazon ECS.