Sagemaker data capture location is not encrypted with customer managed key Affecting Sagemaker service in AWS

Snyk CCSS

Keys and Secrets / Access

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Frameworks

CSA-CCM GDPR ISO-27001 NIST-800-53 SOC-2

Snyk ID SNYK-CC-00338
credit Snyk Research Team

Report a new misconfiguration Found a mistake?

Description

Scope of use of the key cannot be controlled via KMS/IAM policies.

How to fix?

Set Properties.DataCaptureConfig.KmsKeyId to a customer managed key id.

CloudFormation

aws-resource-lambda-permission.html

Terraform

References

aws-managed-and-customer-managed-cmks.html