SonarCloud detects unencrypted AWS resources at rest on CloudFormation and Terraform files

Hello Terraform, CloudFormation developers,

SonarCloud is not able to detect if you have AWS resources declared in your CloudFormation or Terraform files which don’t rely on encryption at rest.

The resources covered by these new rules are:

  • EBS volumes
  • RDS databases
  • Elasticsearch domains
  • SageMaker notebook instances
  • SNS topics
  • SQS queues
  • EFS file systems

Thanks
Alex

1 Like