TLS is disabled on DocumentDB Affecting DocumentDB service in AWS

Snyk CCSS

Keys and Secrets / Access

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Frameworks

CIS-Controls CSA-CCM GDPR HIPAA ISO-27001 NIST-800-53 PCI-DSS SOC-2

Snyk ID SNYK-CC-00254
credit Snyk Research Team

Report a new misconfiguration Found a mistake?

Description

The data transferred between DocumentDB cluster and clients will not be encrypted.

How to fix?

Set Properties.Parameters.tls attribute to enabled.

CloudFormation

aws-resource-docdb-dbclusterparametergroup.html

Terraform

References

cluster_parameter_groups-list_of_parameters.html