Policy: AWS > Logs > Log Group > Encryption at Rest
Define the Encryption at Rest settings required for AWS > Logs > Log Group.
Encryption at Rest refers specifically to the encryption of data when written to an underlying storage system. This control determines whether the resource is encrypted at rest, and sets encryption to your desired level.
The Encryption at Rest control compares the encryption settings against the encryption policies for the resource (AWS > Logs > Log Group > Encryption at Rest > *), raises an alarm, and takes the defined enforcement action
Resource Types
This policy targets the following resource types:
Related Policies
Controls
Policy Packs
This policy setting is used by the following policy packs:
Policy Specification
Schema Type | |
|---|---|
Default | |
Valid Values [YAML] |
|
Examples [YAML] |
|
Category
In Your Workspace
Developers
- tmod:@turbot/turbot#/control/categories/resourceEncryptionAtRest
- tmod:@turbot/aws-logs#/policy/types/logGroupEncryptionAtRest
- turbot graphql policy-type --id "tmod:@turbot/aws-logs#/policy/types/logGroupEncryptionAtRest"
- turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/aws-logs#/policy/types/logGroupEncryptionAtRest"
Get Policy TypeGet Policy Settings
Category URI
Policy Type URI
GraphQL
CLI