Severity Framework
CCSS (Common Configuration Scoring System) is a set of measures used to determine the severity of the rule.
Snyk CCSS
Rule category
Each rule is associated with a high-level category. For example IAM, Container, Monitoring, Logging, Network, etc.
Data/ Data
Is your environment affected by this misconfiguration?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsFrameworks
CIS-ControlsCSA-CCMGDPRHIPAAISO-27001NIST-800-53SOC-2
- Snyk IDSNYK-CC-00293
- creditSnyk Research Team
Description
Query results produced by Athena are not encrypted.
How to fix?
Ensure that the encryption_option attribute of your configuration.result_configuration.encryption_configuration block is set to either CSE_KMS, SSE_KMS or SSE_S3.
Example configuration:
resource "aws_athena_workgroup" "example" {
configuration {
result_configuration {
encryption_configuration {
encryption_option = "SSE_S3"
}
}
}
# other required fields here
}
Set Properties.WorkGroupConfiguration.ResultConfiguration.EncryptionConfiguration.EncryptionOption to CSE_KMS, SSE_KMS or SSE_S3.