AWS SSM Parameter is not encrypted

Description

As a best practice enable encryption for your AWS SSM Parameter to improve data security without making changes to your business or applications.

Code Example

resource "aws_ssm_parameter" "aws_ssm_parameter_ok" {
 name            = "sample"
* type            = "SecureString"
 value           = "test"
 description     = "policy test"
 tier            = "Standard"
 allowed_pattern = ".*"
 data_type       = "text"
}

Remediation

Terraform

Rule Details

Field	Value
ID	IAC-0468
Severity	LOW
IaC Type	Terraform
Frameworks	Terraform
Checkov ID	CKV2_AWS_34

References

• Checkov Rule

---