EFS file systems should have encryption at rest enabled

efs
이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Description

This check ensures that Amazon Elastic File System (EFS) file systems have encryption at rest enabled. Enabling encryption at rest helps protect data stored in EFS by encrypting the file system content using AWS Key Management Service (KMS). This minimizes the risk of unauthorized access to sensitive data and aligns with best practices for data security.

Remediation

To enable encryption at rest for a new EFS file system, refer to the Amazon EFS User Guide on Data Encryption. It’s recommended to configure encryption during the creation of an EFS file system, as encryption at rest cannot be enabled after the file system has been created.

For existing EFS file systems that are not encrypted, consider migrating data to a new, encrypted file system. For detailed instructions on how to perform such migrations, refer to the EFS documentation on migrating data to encrypted file systems.

PREVIEWING: aliciascott/DOCS-9725-Cloudcraft