DAX Cluster Not Encrypted
- Query id: f11aec39-858f-4b6f-b946-0a1bf46c0c87
- Query name: DAX Cluster Not Encrypted
- Platform: Terraform
- Severity: High
- Category: Encryption
- URL: Github
Description¶
AWS DAX Cluster should have server-side encryption at rest
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Postitive test num. 1 - tf file
resource "aws_dax_cluster" "bar_1" {
cluster_name = "cluster-example"
iam_role_arn = data.aws_iam_role.example.arn
node_type = "dax.r4.large"
replication_factor = 1
}
resource "aws_dax_cluster" "bar_2" {
cluster_name = "cluster-example"
iam_role_arn = data.aws_iam_role.example.arn
node_type = "dax.r4.large"
replication_factor = 1
server_side_encryption {
}
}
resource "aws_dax_cluster" "bar_3" {
cluster_name = "cluster-example"
iam_role_arn = data.aws_iam_role.example.arn
node_type = "dax.r4.large"
replication_factor = 1
server_side_encryption {
enabled = false
}
}