RDS Database Instance Storage is not Encrypted

Overview

This RDS database instance does not have Storage Encryption enabled. Storage encryption protects the confidentiality and integrity of data stored at rest, and it may be required to meet compliance requirements and/or contractual obligations.

Remediation:
Storage Encryption for RDS instances can only be enabled when the instance is created. The included remediation guides will allow you to update scripts, CloudFormation templates, and Terraform files used to create new instances.

If you need to migrate data from an existing instance to a new one with storage encryption enabled, you can do so by encrypting a copy of an unencrypted snapshot.
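The check described above can be run against a CloudFormation template before it is deployed. The following is an added example, not part of the original page or of any vendor tooling: it classifies each `AWS::RDS::DBInstance` resource in a JSON template by its `StorageEncrypted` property. The sample template, the function names, and the choice to mark cluster members, snapshot restores, read replicas, and parameterized values as "review" rather than as findings are assumptions of this example.

```python
import json

# Constructed sample template (not from the page), covering the cases a
# template scan has to tell apart.
SAMPLE_TEMPLATE = json.loads("""
{"Resources": {
  "LegacyDb":    {"Type": "AWS::RDS::DBInstance",
                  "Properties": {"Engine": "mysql"}},
  "OrdersDb":    {"Type": "AWS::RDS::DBInstance",
                  "Properties": {"Engine": "postgres", "StorageEncrypted": "true"}},
  "ExplicitOff": {"Type": "AWS::RDS::DBInstance",
                  "Properties": {"Engine": "mysql", "StorageEncrypted": false}},
  "AuroraNode":  {"Type": "AWS::RDS::DBInstance",
                  "Properties": {"DBClusterIdentifier": {"Ref": "Cluster"}}},
  "ParamDb":     {"Type": "AWS::RDS::DBInstance",
                  "Properties": {"StorageEncrypted": {"Ref": "EncryptParam"}}},
  "Bucket":      {"Type": "AWS::S3::Bucket"}
}}
""")

# With any of these set, encryption is inherited from the cluster, snapshot,
# or source instance, so StorageEncrypted on the instance does not decide it.
INHERITING = ("DBClusterIdentifier", "DBSnapshotIdentifier", "SourceDBInstanceIdentifier")

def classify(props):
    """Return 'encrypted', 'unencrypted', or 'review' for one DBInstance."""
    if any(key in props for key in INHERITING):
        return "review"
    value = props.get("StorageEncrypted", False)  # property omitted: not encrypted
    if isinstance(value, dict):   # Ref / Fn::If: cannot be resolved statically
        return "review"
    if isinstance(value, str):    # templates often carry booleans as strings
        value = value.strip().lower() == "true"
    return "encrypted" if value is True else "unencrypted"

def scan_template(template):
    """Map logical ID -> classification for every AWS::RDS::DBInstance."""
    findings = {}
    for name, resource in template.get("Resources", {}).items():
        if resource.get("Type") == "AWS::RDS::DBInstance":
            findings[name] = classify(resource.get("Properties") or {})
    return findings

if __name__ == "__main__":
    for name, status in sorted(scan_template(SAMPLE_TEMPLATE).items()):
        print(f"{status:12} {name}")
```

Resources reported as "review" need the referenced cluster, snapshot, source instance, or parameter value checked separately.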

Vendor

AWS

Cloud Service

RDS

CIS AWS v1.5.0 2.3.1, RDS.3

Severity

1

Item Types

AWS::RDS::DBInstance