Data protection

Elasticsearch using default KMS keys

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

It was found that Elasticsearch DB {AwsElasticSearch} using default KMS keys. AWS uses KMS key to encrypt resource. When another key has not been supplied, it uses the default key.

  • Recommended Mitigation

    It is recommended to use customer managed keys instead of default KMS keys.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.