Best practices

RDS database instance is not using customer-managed KMS keys

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

RDS database instance {AwsRdsDbInstance} is encrypted using the default AWS-managed KMS key
  • Recommended Mitigation

    We recommend to encrypt RDS instances with customer-managed KMS key, to enable more control over the keys