top of page
< Back

AWS Foundational Security Best Practice

EFS.1

Elastic File System should be configured to encrypt file data at-rest using AWS KMS

Severity

Cloud Platforms

Resources

MEDIUM

AWS

Amazon EFS

This AWS control checks whether Amazon Elastic File System (Amazon EFS) is configured to encrypt the file data using AWS Key Management Service (AWS KMS). The check will fail if the encrypted key is set to false on DescribeFileSystems or if the KmsKeyId key on DescribeFileSystems does not match the KmsKeyId parameter.

bottom of page