💼 [DataFirehose.1] Firehose delivery streams should be encrypted at rest

Contextual name: 💼 [DataFirehose.1] Firehose delivery streams should be encrypted at rest
ID: /frameworks/aws-fsbp-v1.0.0/data-firehouse/01
Located in: 💼 Data Firehouse

Description

Server-side encryption is a feature in Amazon Data Firehose delivery streams that automatically encrypts data before it's at rest by using a key created in AWS Key Management Service (AWS KMS). Data is encrypted before it's written to the Data Firehose stream storage layer, and decrypted after it's retrieved from storage. This allows you to comply with regulatory requirements and enhance the security of your data.

Similar

AWS Security Hub
- https://docs.aws.amazon.com/securityhub/latest/userguide/datafirehose-controls.html#datafirehose-1
Internal
- ID: dec-c-db81de2f

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies
💼 NIST SP 800-53 Revision 5 → 💼 AC-3 Access Enforcement	15	5	34
💼 NIST SP 800-53 Revision 5 → 💼 AU-3 Content of Audit Records	3	13	28
💼 NIST SP 800-53 Revision 5 → 💼 SC-12 Cryptographic Key Establishment and Management	6	1	7
💼 NIST SP 800-53 Revision 5 → 💼 SC-13 Cryptographic Protection	4		13
💼 NIST SP 800-53 Revision 5 → 💼 SC-28 Protection of Information at Rest	3	16	25

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Description​

Similar​

Similar Sections (Give Policies To)​

Sub Sections​

Description

Similar

Similar Sections (Give Policies To)

Sub Sections