Skip to content

aws_kinesis_firehose_delivery_stream resources should have server_side_encryption enabled by default #20

New issue
New issue
Open
Open
aws_kinesis_firehose_delivery_stream resources should have server_side_encryption enabled by default#20
@scott-maclure-phx

Description

@scott-maclure-phx
scott-maclure-phx
opened on Jan 8, 2023

Why? Because compliance/config policy sets will pick up on encryption at rest violations.

See https://github.com/SumoLogic/terraform-sumologic-sumo-logic-integrations/blob/master/aws/kinesisfirehoseformetrics/kinesisfirehoseformetrics.tf#L97

And https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kinesis_firehose_delivery_stream#server_side_encryption

Could be AWS managed key (default) or a CMK (pass the ARN into the module as an argument)?

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions