Ensure clusters are encrypted

Description

At-rest encryption encrypts your on-disk data during sync and backup operations.

Rationale

Data encryption helps prevent unauthorized users from reading sensitive data available on your Redis clusters and their associated cache storage systems.

Applies To

  • Databases

Tags

This rule is applied when the following tags are present:

Tag                       With Value
secureclouddb/provider    aws
secureclouddb/service     elasticache

Default Rule

/**
 * @param {Object} databaseSettings - database settings object
 * @returns {{success: boolean}} success is true if the atRestEncryptionEnabled option is enabled
 */
function validate(databaseSettings) {

    // Walk the nested settings; a missing object or flag counts as a failure.
    const success = Boolean(
        databaseSettings.awsDatabaseInstance &&
        databaseSettings.awsDatabaseInstance.elasticacheCluster &&
        databaseSettings.awsDatabaseInstance.elasticacheCluster.atRestEncryptionEnabled
    )

    return {
        success,
    }
}

// invoke
validate(databaseSettings);
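
A truthiness test on atRestEncryptionEnabled accepts any truthy value, so a flag that arrives as the string "false" passes the check. The following is an added example, not part of the original rule or the project's code, comparing that behaviour with a stricter variant over constructed sample settings; the function names, the reason field and the sample objects are assumptions.

```javascript
// Added example: stricter variant of the at-rest encryption check.
// Property names come from the default rule; `reason`, the function names
// and the sample objects below are constructed for illustration.

// Truthiness-based check, as in the default rule.
function validateTruthy(settings) {
    const db = settings && settings.awsDatabaseInstance;
    const cluster = db && db.elasticacheCluster;
    return { success: Boolean(cluster && cluster.atRestEncryptionEnabled) };
}

// Strict check: passes only on a literal boolean true and says why it failed.
function validateStrict(settings) {
    const db = settings && settings.awsDatabaseInstance;
    const cluster = db && db.elasticacheCluster;
    if (cluster === null || typeof cluster !== 'object') {
        return { success: false, reason: 'elasticacheCluster settings missing' };
    }
    const flag = cluster.atRestEncryptionEnabled;
    if (typeof flag !== 'boolean') {
        return { success: false, reason: `atRestEncryptionEnabled is ${typeof flag}, not boolean` };
    }
    return flag
        ? { success: true, reason: 'at-rest encryption enabled' }
        : { success: false, reason: 'at-rest encryption disabled' };
}

// Constructed sample inputs covering the edge cases.
const wrap = (cluster) => ({ awsDatabaseInstance: { elasticacheCluster: cluster } });
const samples = {
    encrypted: wrap({ atRestEncryptionEnabled: true }),
    unencrypted: wrap({ atRestEncryptionEnabled: false }),
    stringFalse: wrap({ atRestEncryptionEnabled: 'false' }), // flag serialized as a string
    flagMissing: wrap({}),
    noCluster: { awsDatabaseInstance: {} },
};

// Returns the names of samples where the two checks disagree.
function disagreements() {
    return Object.keys(samples).filter(
        (name) => validateTruthy(samples[name]).success !== validateStrict(samples[name]).success
    );
}

for (const [name, s] of Object.entries(samples)) {
    console.log(name, validateStrict(s));
}
console.log('checks disagree on:', disagreements());
```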