DynamoDB Table Not Encrypted

  • Query id: b6a7e0ae-aed8-4a19-a993-a95760bf8836
  • Query name: DynamoDB Table Not Encrypted
  • Platform: Pulumi
  • Severity: High
  • Category: Encryption
  • CWE: 311
  • URL: Github

Description

AWS DynamoDB Tables should have serverSideEncryption enabled
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - yaml file
name: aws-eks
runtime: yaml
description: An EKS cluster
resources:
  example:
    type: aws:dynamodb:Table
    properties:
---
name: aws-eks
runtime: yaml
description: An EKS cluster
resources:
  example:
    type: aws:dynamodb:Table
    properties:
      serverSideEncryption:
        enabled: false

Code samples without security vulnerabilities

Negative test num. 1 - yaml file
name: aws-eks
runtime: yaml
description: An EKS cluster
resources:
  example:
    type: aws:dynamodb:Table
    properties:
      serverSideEncryption:
        enabled: true