AWS MemoryDB data is not encrypted in transit

Description

This policy identifies the AWS MemoryDB that are configured with disabled in-transit data encryption. It is recommended that these resources will be configured with in-transit data encryption to minimize risk for sensitive data being leaked.

Code Example

resource "aws_memorydb_cluster" "pass2" {
  acl_name                 = "open-access"
  name                     = "my-cluster"
  node_type                = "db.t4g.small"
  num_shards               = 2
  security_group_ids       = [aws_security_group.example.id]
  snapshot_retention_limit = 7
  subnet_group_name        = aws_memorydb_subnet_group.example.id
  tls_enabled              = true
}

Remediation

Terraform

Rule Details

Field	Value
ID	IAC-0250
Severity	LOW
IaC Type	Terraform
Frameworks	Terraform
Checkov ID	CKV_AWS_202

References

Checkov Rule

Overview

SAST (Application Security)

SCA (Dependencies)

Secrets Detection

IaC Security

License Compliance

SAST Rules

IaC Rules

License Rules

AWS MemoryDB data is not encrypted in transit

Description

Code Example

Remediation

Rule Details

References

SAST Rules

IaC Rules

License Rules

AWS MemoryDB data is not encrypted in transit ​

Description ​

Code Example ​

Remediation ​

Rule Details ​

References ​

AWS MemoryDB data is not encrypted in transit

Description

Code Example

Remediation

Rule Details

References