Best practices

RDS database instance is not using customer-managed KMS keys

Description

RDS database instance {AwsRdsDbInstance} is encrypted using the default AWS-managed KMS key
  • Recommended Mitigation

    We recommend to encrypt RDS instances with customer-managed KMS key, to enable more control over the keys.