πΌ [Kinesis.1] Kinesis streams should be encrypted at rest
- Contextual name: πΌ [Kinesis.1] Kinesis streams should be encrypted at rest
- ID:
/frameworks/aws-fsbp-v1.0.0/kinesis/01 - Located in: πΌ Kinesis
Descriptionβ
Server-side encryption is a feature in Amazon Kinesis Data Streams that automatically encrypts data before it's at rest by using an AWS KMS key. Data is encrypted before it's written to the Kinesis stream storage layer, and decrypted after it's retrieved from storage. As a result, your data is encrypted at rest within the Amazon Kinesis Data Streams service.
Similarβ
- AWS Security Hub
- Internal
- ID:
dec-c-81eeb711
- ID:
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST SP 800-53 Revision 5 β πΌ CA-9(1) Internal System Connections _ Compliance Checks | 15 | |||
| πΌ NIST SP 800-53 Revision 5 β πΌ CM-3(6) Configuration Change Control _ Cryptography Management | 4 | |||
| πΌ NIST SP 800-53 Revision 5 β πΌ SC-7(10) Boundary Protection _ Prevent Exfiltration | 4 | |||
| πΌ NIST SP 800-53 Revision 5 β πΌ SC-13 Cryptographic Protection | 4 | 6 | ||
| πΌ NIST SP 800-53 Revision 5 β πΌ SC-28 Protection of Information at Rest | 3 | 15 | 18 | |
| πΌ NIST SP 800-53 Revision 5 β πΌ SC-28(1) Protection of Information at Rest _ Cryptographic Protection | 10 | 12 | ||
| πΌ NIST SP 800-53 Revision 5 β πΌ SI-7(6) Software, Firmware, and Information Integrity _ Cryptographic Protection | 6 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|