AWS Config Rule: DocumentDB Cluster Encrypted

DOCDB_CLUSTER_ENCRYPTED

Eduardo Van Cauteren

Last Update 3 months ago

Description: Checks if storage encryption is enabled for your Amazon DocumentDB (with MongoDB compatibility) clusters. The rule is NON_COMPLIANT if storage encryption is not enabled.


Trigger type: Configuration changes


AWS Region: Only available in the Asia Pacific (Mumbai), Europe (Paris), US East (Ohio), Europe (Ireland), Europe (Frankfurt), South America (Sao Paulo), US East (N. Virginia), Asia Pacific (Seoul), Europe (London), Europe (Milan), Asia Pacific (Tokyo), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Canada (Central) and China (Ningxia) Regions


How to Resolve Manually

This config rule checks whether storage encryption is enabled for a particular DocumentDB cluster. The rule will be marked as non-compliant if a cluster is configured without encryption.


Unfortunately, you cannot directly enable encryption for existing clusters. You'll need to create a new cluster with encryption enabled and migrate your data to the new cluster.


For detailed instructions, refer to the official AWS documentation here.
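
As an added example (not StackZone's or AWS's own code), the following Python script applies the rule's logic to the JSON returned by `aws docdb describe-db-clusters` and lists the clusters that need the migration described above. The sample response, the cluster names and the choice to treat a missing `StorageEncrypted` field as unencrypted are assumptions made for illustration.

```python
import json

# Constructed sample shaped like `aws docdb describe-db-clusters` output.
# Cluster names, account id and key id are placeholders, not real resources.
SAMPLE_RESPONSE = json.loads("""
{"DBClusters": [
  {"DBClusterIdentifier": "orders-prod", "Engine": "docdb",
   "StorageEncrypted": true,
   "KmsKeyId": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"},
  {"DBClusterIdentifier": "legacy-reports", "Engine": "docdb",
   "StorageEncrypted": false},
  {"DBClusterIdentifier": "sessions-dev", "Engine": "docdb"},
  {"DBClusterIdentifier": "graph-prod", "Engine": "neptune",
   "StorageEncrypted": false}
]}
""")


def evaluate_docdb_encryption(response):
    """Map each DocumentDB cluster identifier to COMPLIANT or NON_COMPLIANT."""
    results = {}
    for cluster in response.get("DBClusters", []):
        # The cluster listing can include engines that share the same
        # management API (for example Neptune); the rule covers docdb only.
        if cluster.get("Engine") != "docdb":
            continue
        # Assumption: a missing flag is treated as unencrypted (fail closed).
        encrypted = cluster.get("StorageEncrypted") is True
        status = "COMPLIANT" if encrypted else "NON_COMPLIANT"
        results[cluster["DBClusterIdentifier"]] = status
    return results


def clusters_to_migrate(response):
    """Clusters that need a new encrypted cluster plus a data migration."""
    statuses = evaluate_docdb_encryption(response)
    return sorted(n for n, s in statuses.items() if s == "NON_COMPLIANT")


if __name__ == "__main__":
    for name, status in sorted(evaluate_docdb_encryption(SAMPLE_RESPONSE).items()):
        print(f"{name}: {status}")
    print("Needs migration:", ", ".join(clusters_to_migrate(SAMPLE_RESPONSE)))
```

To run it against a real account, replace `SAMPLE_RESPONSE` with the parsed output of `aws docdb describe-db-clusters --output json`.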

