💼 [DynamoDB.3] DynamoDB Accelerator (DAX) clusters should be encrypted at rest
- ID:
/frameworks/aws-fsbp-v1.0.0/dynamodb/03
Description
Encrypting data at rest reduces the risk of data stored on disk being accessed by a user not authenticated to AWS. The encryption adds another set of access controls to limit the ability of unauthorized users to access to the data. For example, API permissions are required to decrypt the data before it can be read.
Similar
- AWS Security Hub
- Internal
- ID:
dec-c-eaf35c3d
- ID:
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 NIST SP 800-53 Revision 5 → 💼 CA-9(1) Internal System Connections _ Compliance Checks | 25 | no data | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 CM-3(6) Configuration Change Control _ Cryptography Management | 6 | no data | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-7(10) Boundary Protection _ Prevent Exfiltration | 6 | no data | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-13 Cryptographic Protection | 4 | 13 | no data | ||
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-28 Protection of Information at Rest | 3 | 16 | 25 | no data | |
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-28(1) Protection of Information at Rest _ Cryptographic Protection | 10 | 14 | no data | ||
| 💼 NIST SP 800-53 Revision 5 → 💼 SI-7(6) Software, Firmware, and Information Integrity _ Cryptographic Protection | 12 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (1)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS DAX Cluster Server-Side Encryption is not enabled🟢 | 1 | 🟢 x6 | no data |
Internal Rules
| Rule | Policies | Flags |
|---|---|---|
| ✉️ dec-x-e9e99704 | 1 |