Glue does not encrypt data stored in the S3 bucket Affecting Glue service in AWS


Severity

0.0
medium
0
10
Severity Framework
Snyk CCSS
Rule category
Data/ Access

Is your environment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
Frameworks
CIS-AWSCIS-ControlsCSA-CCMGDPRHIPAAISO-27001NIST-800-53SOC-2
  • Snyk IDSNYK-CC-00252
  • creditSnyk Research Team

Description

The data generated by Glue and stored in S3 bucket can be read by anyone with access to the S3 bucket. This data may contain sensitive information.

How to fix?

Set Properties.EncryptionConfiguration.S3Encryptions.S3EncryptionMode attribute to SSE-KMS or SSE-S3.