Free Assessment

AWS_Config_1

Ensure an AWS Managed Config Rule for encrypted volumes is applied

Description

AWS Config provides you with a detailed inventory of your AWS resources and their current configuration, and continuously records configuration changes to these resources. You can evaluate these configurations and changes for compliance with ideal configurations as defined by AWS Config Rules.

Remediation

Perform the following to ensure an AWS Managed Config Rule for encrypted volumes is applied

  1. Go to the AWS Config console at https://console.aws.amazon.com/config
  2. Select Rules tab from the left side.
  3. Search for a Config Rule that checks if the EBS volumes are encrypted with KMS key.
  4. Give specific name and description and save it.

Using the Amazon unified command line interface:

  • Create locally a json file (similar with the below sample) with the configuration of the Config Rule, and save it as /tmp/ConfigRule.json:
    • { “Description”: “Checks whether Web Tier EBS volumes that are in an attached state are encrypted.”, “ConfigRuleName”: “encrypted-volumes”, “Source”: {“Owner”: “AWS”, “SourceIdentifier”: “ENCRYPTED_VOLUMES” }, “InputParameters”: “{“kmsId””:””web_tier_kms_key””}””

Service

AWS Config

Severity

Low

Compliance

Mapping

Want to Know More?

Learn how our partners are managing their cloud security and compliance with Cloudlytics.

I hereby accept the GDPR and Privacy Policy, by subscribing to the newsletters.

Cloudlytics

Solutions

Resources

Company

Legal

Facebook Twitter Linkedin Youtube
Start Free Trial
Login

CLOSE

We are now live on AWS Marketplace.
The integrated view of your cloud infrastructure is now easier than ever!

Learn More