AWS RDS Performance Insights should be encrypted
- GG_ID: GG_IAC_0058
- Severity: HIGH
- Complexity: LOW
- Categories: DATA, PERMISSION
- Providers: AWS
- Potential data exposure: True
- Visible in logs: False
- User interaction required: False
- Privileges required: True
#
DescriptionAmazon Relational Database Service (Amazon RDS) is a web service that makes it easier to set up, operate, and scale a relational database in the AWS Cloud. Performance Insights expands on existing Amazon RDS monitoring features to illustrate and help analyze database performance.
The data should always be encrypted at rest and in transit to protect the data if accesses are compromised.
#
ImpactNot encrypting data could lead to data leak in case of an attack.
#
Remediation guidelinesEnable encryption for RDS Performance insights, providing a KMS key.