You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Encrypted RDS instances shows an improved security posture in the event that the vender's RDS service is compromised. Additionally, AWS don't provide a easy solution for encrypting already unencrypted RDS instances without wiping data, as a default an RDS instance should be encrypted.
The text was updated successfully, but these errors were encountered:
The Terraform module
aws_db_instanceprovides an argument ofstorage_encryptedwhich is defaulted to off when not specified. I think it would be a good idea if the https://github.com/alphagov/govuk-aws/blob/master/terraform/modules/aws/rds_instance/main.tf module here; specified this argument and defaulted to true.Setting the
storage_encryptedargument will require akms_key_idto be used as mentioned here: https://www.terraform.io/docs/providers/aws/r/db_instance.htmlEncrypted RDS instances shows an improved security posture in the event that the vender's RDS service is compromised. Additionally, AWS don't provide a easy solution for encrypting already unencrypted RDS instances without wiping data, as a default an RDS instance should be encrypted.
The text was updated successfully, but these errors were encountered: