Kinesis Stream is Not Encrypted At Rest
Overview
This validation checks whether Kinesis Data Streams use server-side encryption for data at rest. It does not pass for any Kinesis stream that lacks server-side encryption.
Server-side encryption is a feature of Amazon Kinesis Data Streams that automatically encrypts data with an AWS KMS key before it is at rest. Encryption happens before the data is written to the storage layer of the Kinesis stream, and the data is decrypted when it is retrieved. Consequently, your data remains encrypted at rest within the Amazon Kinesis Data Streams service.
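One way to reproduce this check yourself, as an added example that is not the vendor's own rule logic: it evaluates the EncryptionType field that the Kinesis DescribeStreamSummary API returns ("NONE" or "KMS"). The stream names, key ARN and helper function names are constructed for illustration, and treating a missing field as unencrypted is an assumption.

```python
"""Flag Kinesis streams whose summary shows no server-side encryption."""

def evaluate_stream(summary):
    """Return (compliant, reason) for one StreamDescriptionSummary dict."""
    name = summary.get("StreamName", "<unknown>")
    # Assumption: a summary without the field is treated as unencrypted.
    enc = summary.get("EncryptionType", "NONE")
    if enc != "KMS":
        return False, f"{name}: EncryptionType={enc}, not encrypted at rest"
    return True, f"{name}: encrypted with KMS key {summary.get('KeyId')}"

def failing_streams(summaries):
    """Names of streams that would not pass the validation."""
    return [s.get("StreamName") for s in summaries if not evaluate_stream(s)[0]]

def fetch_summaries(client):
    """Collect summaries from a live account.

    `client` is a boto3 Kinesis client, e.g. boto3.client("kinesis").
    Not called in this example so that it runs offline.
    """
    out = []
    for page in client.get_paginator("list_streams").paginate():
        for name in page["StreamNames"]:
            resp = client.describe_stream_summary(StreamName=name)
            out.append(resp["StreamDescriptionSummary"])
    return out

# Constructed sample data shaped like DescribeStreamSummary output.
SAMPLE = [
    {"StreamName": "orders-events", "EncryptionType": "KMS",
     "KeyId": "alias/aws/kinesis"},
    {"StreamName": "clickstream-raw", "EncryptionType": "NONE"},
    {"StreamName": "billing-audit", "EncryptionType": "KMS",
     "KeyId": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"},
    {"StreamName": "legacy-no-field"},
]

if __name__ == "__main__":
    for s in SAMPLE:
        ok, reason = evaluate_stream(s)
        print("PASS" if ok else "FAIL", reason)
```

A failing stream can be remediated with the StartStreamEncryption API, passing EncryptionType KMS and the KMS key to use.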
Vendor
AWS
Cloud Service
Kinesis
Related Controls
Kinesis.1
Severity
3
Item Types
AWS::Kinesis::Stream