AWS Redshift instances are not encrypted

Description

This policy identifies AWS Redshift instances which are not encrypted. These instances should be encrypted for clusters to help protect data at rest which otherwise can result in a data breach.

Code Example

resource "aws_redshift_cluster" "redshift" {
  ...
  cluster_identifier        = "shifty"
+ encrypted                 = true
  kms_key_id                = var.kms_key_id
  ...
}

Remediation

Terraform

In order to mitigate this issue, ensure `encrypted` is set to `true`.

Rule Details

Field	Value
ID	IAC-0117
Severity	LOW
IaC Type	Cloudformation
Frameworks	CloudFormation, Terraform, TerraformPlan, Serverless
Checkov ID	CKV_AWS_64

References

Checkov Rule

Overview

SAST (Application Security)

SCA (Dependencies)

Secrets Detection

IaC Security

License Compliance

SAST Rules

IaC Rules

License Rules

AWS Redshift instances are not encrypted

Description

Code Example

Remediation

Rule Details

References

SAST Rules

IaC Rules

License Rules

AWS Redshift instances are not encrypted ​

Description ​

Code Example ​

Remediation ​

Rule Details ​

References ​

AWS Redshift instances are not encrypted

Description

Code Example

Remediation

Rule Details

References