Control: AWS > HIPAA > DAX > DynamoDB Accelerator (DAX) clusters should be encrypted at rest

This control checks whether a DAX cluster is encrypted at rest. Encrypting data at rest reduces the risk of data stored on disk being accessed by a user not authenticated to AWS. The encryption adds another set of access controls to limit the ability of unauthorized users to access to the data. For example, API permissions are required to decrypt the data before it can be read.

Resource Types

This control targets the following resource types:

AWS > DAX > Cluster

In Your Workspace

Developers

Control Type URI

tmod:@turbot/aws-hipaa#/control/types/daxClusterEncryptionAtRestEnabled

Category URI

tmod:@turbot/turbot#/control/categories/complianceHipaa

GraphQL

query controlType(id: "tmod:@turbot/aws-hipaa#/control/types/daxClusterEncryptionAtRestEnabled") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/aws-hipaa#/control/types/daxClusterEncryptionAtRestEnabled'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-hipaa#/control/types/daxClusterEncryptionAtRestEnabled"