Enable in-transit encryption for EMR clusters.
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | emr |
| Provider | AWS |
| Vulnerability Type | misconfiguration |
Description#
The EMR cluster is not configured to use in-transit encryption, meaning data moving between nodes or services within the cluster is sent in plaintext. This exposes sensitive information to potential interception during transmission.
Impact#
Without in-transit encryption, attackers who gain network access can eavesdrop on or tamper with data exchanged within the EMR cluster. This can lead to unauthorized disclosure of sensitive data, data breaches, or manipulation of processing results, posing significant risks to data privacy and integrity.
Resolution#
Enable in-transit encryption for EMR cluster