RDS encryption has not been enabled at a DB Instance level.
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | rds |
| Provider | AWS |
| Vulnerability Type | omission |
Description#
RDS database instances are configured without storage encryption, meaning data at rest is not protected by encryption. This leaves database contents unprotected if the underlying storage is accessed directly.
Impact#
If an attacker gains access to the storage or backups of the RDS instance, they could read sensitive data in plaintext. This increases the risk of data breaches and violates compliance requirements for data protection.
Resolution#
Enable encryption for RDS instances