CCSS (Common Configuration Scoring System) is a set of measures used to determine the severity of the rule.
Each rule is associated with a high-level category. For example IAM, Container, Monitoring, Logging, Network, etc.
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsEBS volumes without regional encryption enforcement may lead to data being stored unencrypted, increasing the risk of data breaches and non-compliance with data protection regulations. Enforcing encryption at the region level ensures that all new EBS volumes are encrypted by default, protecting data at rest from unauthorized access and ensuring compliance with security best practices.
Set the enabled
attribute in aws_ebs_encryption_by_default
resource to true
.
resource "aws_ebs_encryption_by_default" "allowed" {
enabled = true
}