---
title: MSK clusters should be encrypted in transit among broker nodes
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: >-
  Docs > Datadog Security > OOTB Rules > MSK clusters should be encrypted in
  transit among broker nodes
---

# MSK clusters should be encrypted in transit among broker nodes
 
## Description{% #description %}

This rule checks whether Amazon MSK clusters have encryption enabled for data in transit among broker nodes.

By default, Amazon MSK encrypts data in transit within the cluster. This setting can be modified during the cluster creation process.

## Remediation{% #remediation %}

To configure encryption in transit for MSK clusters, adjust the encryption settings during cluster creation. For detailed steps on setting up encryption in transit, refer to [Updating security settings of a cluster](https://docs.aws.amazon.com/msk/latest/developerguide/msk-update-security.html) in the Amazon Managed Streaming for Apache Kafka Developer Guide.