ServiceNow CMDB CI relationship sync: faster, more complete →
Mods
AWS

Policy: AWS > Backup > Backup Vault > Approved > Encryption at Rest

Define the Encryption at Rest settings required for AWS > Backup > Backup Vault.

Encryption at Rest refers specifically to the encryption of data when written to an underlying storage system. This control determines whether the resource is encrypted at rest, and sets encryption to your desired level.

The Encryption at Rest control compares the encryption settings against the encryption policies for the resource (AWS > Backup > Backup Vault > Encryption at Rest > *), raises an alarm, and takes the defined enforcement action

Resource Types

This policy targets the following resource types:

Primary Policy

This policy is used with the following primary policy:

Controls

Policy Specification

Schema Type
string
Default
None or higher
Valid Values [YAML]
  • None
    
  • None or higher
    
  • AWS managed key
    
  • AWS managed key or higher
    
  • Customer managed key
    
  • Encryption at Rest > Customer Managed Key
    
Examples [YAML]
  • None or higher
    

Category

In Your Workspace

Developers