Identify and remediate public cloud compliance misconfigurations, mitigate security threats and control your expenses from one simple, easy to use platform.
rds-007
Last Updated:
April 21, 2022
An Amazon Relational Database Service (RDS) instance snapshots are unencrypted. An unencrypted RDS snapshot stores data in plain text, allowing an attacker to access plaintext data in a compromised snapshot. RDS snapshots are encrypted when the RDS instance is configured with encryption enabled. Once RDS is encrypted the data is encrypted-at-rest and traffic inside the instance as well as all snapshots created from the instance are encrypted. RDS instances are not encrypted by default. RDS encryption should be enabled on all RDS instances to ensure the snapshots are encrypted.
