Key Management Errors
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-320: CWE CATEGORY: Key Management Errors |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |
Description#
The Kinesis video stream resource is not configured to use a KMS customer-managed key (CMK) for encryption at rest. This means video data stored in AWS may not be properly encrypted or controlled.
Impact#
Without CMK encryption, sensitive video data could be exposed if AWS is compromised or misconfigured. Attackers or unauthorized users may be able to access or retrieve unencrypted video streams, leading to potential data breaches and loss of compliance.