EFS Not Encrypted

• Query id: 48207659-729f-4b5c-9402-f884257d794f
• Query name: EFS Not Encrypted
• Platform: Terraform
• Severity: High
• Category: Encryption
• URL: Github

Description

Elastic File System (EFS) must be encrypted
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - tf file

resource "aws_efs_file_system" "positive1" {
  creation_token = "my-product"

  tags = {
    Name = "MyProduct"
  }
}

resource "aws_efs_file_system" "positive2" {
  creation_token = "my-product"
  encrypted = false

  tags = {
    Name = "MyProduct"
  }
}

Code samples without security vulnerabilities

Negative test num. 1 - tf file

resource "aws_efs_file_system" "negative1" {
  creation_token = "my-product"
  encrypted = true

  tags = {
    Name = "MyProduct"
  }
}