Sagemaker Notebook Instance Without KMS
- Query id: f3674e0c-f6be-43fa-b71c-bf346d1aed99
- Query name: Sagemaker Notebook Instance Without KMS
- Platform: Terraform
- Severity: High
- Category: Encryption
- CWE: 326
- URL: Github
Description¶
AWS SageMaker should encrypt model artifacts at rest using Amazon S3 server-side encryption with an AWS KMS
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - tf file
resource "aws_sagemaker_notebook_instance" "ni" {
name = "my-notebook-instance"
role_arn = aws_iam_role.role.arn
instance_type = "ml.t2.medium"
tags = {
Name = "foo"
}
}