SQS queue is not encrypted at rest

Data protection

SQS queue is not encrypted at rest

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

AWS Foundational Security Best Practices Controls
Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
cis_8
coppa
CPRA
GDPR
HITRUST
ISO/IEC 27001
Mitre ATT&CK
mpa
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA

Description

Amazon Simple Queue Service (Amazon SQS) offers a secure, durable, and available hosted queue that lets you integrate and decouple distributed software systems and components. Amazon SQS offers common constructs such as dead-letter queues and cost-allocation tags. It provides a generic web services API that you can access using any programming language that the AWS SDK supports. It was found that the queue {AwsSqsQueue} is not encrypted at rest using AWS KMS.

Recommended Mitigation

Ensure that your SQS queue is encrypted at rest with Amazon KMS key. For more information: <a href="https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html" target="_blank" rel="noopener noreferrer">https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html</a>

SQS queue is not encrypted at rest

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS