Control: AWS > NIST 800-53 > S3 > S3 bucket default encryption should be enabled

To help protect data at rest, ensure encryption is enabled for your Amazon Simple Storage Service (Amazon S3) buckets.

Resource Types

This control targets the following resource types:

Control Type URI

tmod:@turbot/aws-nist-800-53#/control/types/s3BucketDefaultEncryptionEnabled

Category URI

tmod:@turbot/turbot#/control/categories/complianceNist80053

GraphQL

query controlType(id: "tmod:@turbot/aws-nist-800-53#/control/types/s3BucketDefaultEncryptionEnabled") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/aws-nist-800-53#/control/types/s3BucketDefaultEncryptionEnabled'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-nist-800-53#/control/types/s3BucketDefaultEncryptionEnabled"