EBS volume not encrypted by CMK - Complete Cloud Security in Minutes - Orca Security

Best practices

EBS volume not encrypted by CMK

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Description

The EBS volume {AwsEc2EbsVolume} is encrypted using the default AMS managed keys. It is recommended for security reasons to use customer managed keys in order to gain more flexibility on managing the key.

Recommended Mitigation

Configure a CMK for encryption. You can configure a default customer key for encryptiion. See more: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_key_mgmt

See Orca in action

See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.