AWS copied AMIs are not encrypted
Description
As a best practice enable encryption for your AWS copied AMIs to improve data security without making changes to your business or applications.
Code Example
go
resource "aws_ami_copy" "pass" {
name = "terraform-example"
description = "A copy of ami-xxxxxxxx"
source_ami_id = "ami-xxxxxxxx"
source_ami_region = "us-west-1"
encrypted = true
tags = {
Name = "HelloWorld"
test = "failed"
}
}Remediation
Terraform
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0283 |
| Severity | LOW |
| IaC Type | Terraform |
| Frameworks | Terraform |
| Checkov ID | CKV_AWS_235 |