top of page
EFS.1
Elastic File System should be configured to encrypt file data at-rest using AWS KMS
Severity
Cloud Platforms
Resources
Related Standards
Automated
MEDIUM
AWS
Amazon EFS
AWS Foundational Best Practice, AWS Foundational Technical Review, CDR, ISO27001, SOC2, NIST CSF,
This AWS control checks whether Amazon Elastic File System (Amazon EFS) is configured to encrypt the file data using AWS Key Management Service (AWS KMS). The check will fail if the encrypted key is set to false on DescribeFileSystems or if the KmsKeyId key on DescribeFileSystems does not match the KmsKeyId parameter.
bottom of page