top of page

EFS.1

Elastic File System should be configured to encrypt file data at-rest using AWS KMS

Severity

Cloud Platforms

Resources

Related Standards

Automated

MEDIUM

AWS

Amazon EFS

AWS Foundational Best Practice, AWS Foundational Technical Review, CDR, ISO27001, SOC2, NIST CSF,

This AWS control checks whether Amazon Elastic File System (Amazon EFS) is configured to encrypt the file data using AWS Key Management Service (AWS KMS). The check will fail if the encrypted key is set to false on DescribeFileSystems or if the KmsKeyId key on DescribeFileSystems does not match the KmsKeyId parameter.

bottom of page