SQS Queue Does Not Have Server Side Encryption Enabled

Overview

Check whether SQS queues have Server Side Encryption activated. If the encryption is not enabled, confidential data in transit will remain vulnerable. Activate encryption and utilize a Customer Master Key (CMK) whenever possible, as this approach delivers extra advantages in terms of both management and privacy.
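The check described above, written out as an added example (not this rule's own implementation). It classifies the `Attributes` map returned by `GetQueueAttributes` using the two attributes listed under References. The function names, PASS/FAIL labels, and sample queue URLs are assumptions made for illustration.

```python
from typing import Dict, List, Mapping

# Alias of the AWS managed KMS key for SQS; any other key is customer managed.
AWS_MANAGED_ALIAS = "alias/aws/sqs"


def classify_sse(attributes: Mapping[str, str]) -> str:
    """Return the encryption mode implied by a GetQueueAttributes result.

    Both KmsMasterKeyId and SqsManagedSseEnabled must have been requested:
    an attribute that was not requested is absent from the response and
    would otherwise be mistaken for "not encrypted".
    """
    kms_key = attributes.get("KmsMasterKeyId", "").strip()
    if kms_key:
        # The value may be a key ID, an alias, or the ARN of either.
        if kms_key == AWS_MANAGED_ALIAS or kms_key.endswith(":" + AWS_MANAGED_ALIAS):
            return "SSE-KMS (AWS managed key)"
        return "SSE-KMS (customer managed key)"
    # Attribute values are strings, so compare against "true", not True.
    if attributes.get("SqsManagedSseEnabled", "").strip().lower() == "true":
        return "SSE-SQS"
    return "NONE"


def evaluate(queues: Mapping[str, Mapping[str, str]]) -> List[Dict[str, str]]:
    """Build one finding per queue; a queue fails only when no SSE is active."""
    findings = []
    for url in sorted(queues):
        mode = classify_sse(queues[url])
        findings.append({
            "item_type": "AWS::SQS::Queue",
            "queue": url,
            "encryption": mode,
            "status": "FAIL" if mode == "NONE" else "PASS",
        })
    return findings


# Constructed sample data: queue URL -> Attributes map from GetQueueAttributes.
BASE = "https://sqs.us-east-1.amazonaws.com/111122223333/"
SAMPLE = {
    BASE + "audit": {"KmsMasterKeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"},
    BASE + "billing": {"KmsMasterKeyId": "alias/aws/sqs"},
    BASE + "events": {"SqsManagedSseEnabled": "true"},
    BASE + "legacy": {"SqsManagedSseEnabled": "false"},
}

if __name__ == "__main__":
    for finding in evaluate(SAMPLE):
        print(finding["status"], finding["encryption"], finding["queue"])
```

Queues that pass with `SSE-SQS` or the AWS managed key are the ones to review when the recommendation to use a CMK applies.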

Vendor

AWS

Cloud Service

SQS

SQS.1

References

https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_GetQueueAttributes.html#:~:text=KmsMasterKeyId%20%E2%80%93%20Returns%20the%20ID%20of%20an%20AWS%20managed%20customer%20master%20key%20(CMK)%20for%20Amazon%20SQS%20or%20a%20custom%20CMK.%20For%20more%20information%2C%20see%20Key%20Terms

https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_GetQueueAttributes.html#:~:text=Period%20Work%3F.-,SqsManagedSseEnabled,-%E2%80%93%20Returns%20information%20about

Severity

3

Item Types

AWS::SQS::Queue