DMS endpoints should require SSL/TLS

dms
이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Description

This control verifies if an AWS DMS endpoint is configured to use an SSL connection. The ssl_mode of the endpoint must set to either require, verify-ca or verify-full.

SSL/TLS connections enhance security by encrypting data exchanged between DMS replication instances and your database. Additionally, using certificates adds another layer of protection by ensuring the connection is established with the intended database through server certificate validation. The server certificate is automatically installed on all provisioned database instances. Enabling SSL on your DMS endpoints ensures data confidentiality during migration.

Remediation

For guidance on configuring SSL for DMS endpoints, please refer to the Using SSL with AWS Database Migration Service section of the AWS Database Migration Service User Guide.

PREVIEWING: brett.blue/embedded-collector-release