Getting Started
Getting started Custom Checks ConfigChecks
Home
AWS001
AWS002
AWS003
AWS004
AWS005
AWS006
AWS007
AWS008
AWS009
AWS010
AWS011
AWS012
AWS013
AWS014
AWS015
AWS016
AWS017
AWS018
AWS019
AWS020
AWS021
AWS022
AWS023
AWS024
AWS025
AWS031
AWS032
AWS033
AWS034
AWS035
AWS036
AWS037
AWS038
AWS039
AWS040
AWS041
AWS042
AWS043
AWS044
AWS045
AWS046
AWS047
AWS048
AWS049
AWS050
AWS051
AWS052
AWS053
AWS054
AWS055
AWS057
Github Actions
Code Scanning Alerts PR CommenterAWS015
Unencrypted SQS queue.
Explanation
Queues should be encrypted with customer managed KMS keys and not default AWS managed keys, in order to allow granular control over access to specific queues.
Insecure Example
The following example will fail the AWS015 check.
resource "aws_sqs_queue" "my-queue" {
# no key specified
}Secure Example
The following example will pass the AWS015 check.
resource "aws_sqs_queue" "my-queue" {
kms_master_key_id = "/blah"
}