AWS Sagemaker Data Quality Job not encrypting communications between instances used for monitoring jobs
Description
This policy checks whether all communications between instances used for monitoring jobs in Amazon SageMaker Data Quality Jobs are encrypted. Encryption is crucial to safeguard sensitive information during transmission. Unencrypted data can be easily intercepted by unauthorized individuals, potentially leading to data breaches or other security incidents.
Code Example
```hcl
resource "aws_sagemaker_data_quality_job_definition" "job_definition" {
  job_definition_name = "data-quality-job-definition"
  ...
  network_config {
+   enable_inter_container_traffic_encryption = true
  }
}
```
Remediation
Terraform
- Resource: aws_sagemaker_data_quality_job_definition
- Arguments: network_config/enable_inter_container_traffic_encryption
Ensure that the `network_config` block includes the `enable_inter_container_traffic_encryption` argument, and set this argument to `true`, as displayed in the code example above.
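The same check can be run against a Terraform plan before apply. The following is an added example, not Checkov's or this policy's own implementation: it walks the JSON produced by `terraform show -json` and reports every `aws_sagemaker_data_quality_job_definition` whose `network_config` does not set the argument to `true`. The function names and the sample plan are constructed for illustration.

```python
import json

RESOURCE_TYPE = "aws_sagemaker_data_quality_job_definition"
ARGUMENT = "enable_inter_container_traffic_encryption"


def iter_resources(module):
    """Yield every resource in a plan module, descending into child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def unencrypted_job_definitions(plan):
    """Return addresses of data quality job definitions that fail the check."""
    root = plan.get("planned_values", {}).get("root_module", {})
    failing = []
    for res in iter_resources(root):
        if res.get("type") != RESOURCE_TYPE:
            continue
        # Nested blocks appear as lists of objects in plan JSON; a missing
        # block or an unset (null/false) argument both count as a failure.
        blocks = (res.get("values") or {}).get("network_config") or []
        if not any(b.get(ARGUMENT) is True for b in blocks):
            failing.append(res["address"])
    return failing


# Constructed sample plan (not real output): one passing, two failing.
SAMPLE_PLAN = json.loads("""
{"planned_values": {"root_module": {
  "resources": [
    {"address": "aws_sagemaker_data_quality_job_definition.ok",
     "type": "aws_sagemaker_data_quality_job_definition",
     "values": {"network_config": [{"enable_inter_container_traffic_encryption": true}]}},
    {"address": "aws_sagemaker_data_quality_job_definition.no_block",
     "type": "aws_sagemaker_data_quality_job_definition",
     "values": {"network_config": []}}
  ],
  "child_modules": [{"resources": [
    {"address": "module.ml.aws_sagemaker_data_quality_job_definition.unset",
     "type": "aws_sagemaker_data_quality_job_definition",
     "values": {"network_config": [{"enable_inter_container_traffic_encryption": null}]}}
  ]}]
}}}
""")

if __name__ == "__main__":
    for address in unencrypted_job_definitions(SAMPLE_PLAN):
        print("FAIL", address)
```

A value that is only known after apply is absent from `planned_values`, so this sketch reports it as failing rather than assuming it will be `true`.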
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0416 |
| Severity | LOW |
| IaC Type | Cloudformation |
| Frameworks | Terraform, TerraformPlan, CloudFormation |
| Checkov ID | CKV_AWS_369 |