Property
Language: terraform
Severity: high
Service: kinesis
Provider: AWS
Vulnerability Type: omission

Description

The Kinesis stream is configured without server-side encryption, meaning data passing through the stream is not protected in transit. This allows sensitive information to be exposed if intercepted between producers, the stream, and consumers.

Impact

Without encryption, attackers with network access could read or tamper with data moving through the Kinesis stream, leading to potential data breaches or unauthorized access to confidential information.

Resolution

Enable in-transit encryption.
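The omission and its fix in Terraform, shown as an added example that is not part of the original rule page. The resource names, stream names, shard counts and the customer-managed KMS key are assumptions chosen for illustration.

```terraform
# Constructed example: all names and sizes below are placeholders.

# Flagged: encryption_type is omitted, so the provider default ("NONE")
# applies and the stream has no server-side encryption.
resource "aws_kinesis_stream" "unencrypted" {
  name             = "example-events-unencrypted"
  shard_count      = 1
  retention_period = 24
}

# Customer-managed key for the stream. Rotation is enabled so the key
# material is replaced on a schedule without changing the key ARN.
resource "aws_kms_key" "kinesis" {
  description             = "Example key for Kinesis stream encryption"
  enable_key_rotation     = true
  deletion_window_in_days = 30
}

# Corrected: encryption_type is set to "KMS" and a key is supplied,
# which turns on server-side encryption for the stream.
resource "aws_kinesis_stream" "encrypted" {
  name             = "example-events-encrypted"
  shard_count      = 1
  retention_period = 24

  encryption_type = "KMS"
  kms_key_id      = aws_kms_key.kinesis.arn
}
```

Producers and consumers of a stream encrypted with a customer-managed key also need IAM permission to use that key, so roll the change out together with the matching key policy or IAM grants.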