Missing Encryption of Sensitive Data
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-311: Missing Encryption of Sensitive Data |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description#
This code defines an AWS SQS queue in Terraform without enabling server-side encryption. As a result, messages stored in the queue are not protected and can be read in plain text if accessed.
Impact#
If the SQS queue is compromised, sensitive data could be exposed to unauthorized users or attackers. This may lead to data breaches, leakage of confidential information, and violation of compliance requirements such as GDPR or HIPAA.