Description

Queues should be encrypted with customer managed KMS keys and not default AWS managed keys, in order to allow granular control over access to specific queues.

Resolution: Turn on SQS Queue encryption.

Examples

Example of incorrect code:

resource "aws_sqs_queue" "bad_example" {
	# no key specified
}

Example of correct code:

resource "aws_sqs_queue" "good_example" {
	kms_master_key_id = "/blah"
}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Files

AWS015.md

AWS015.md

Description

Examples

Files

AWS015.md

Latest commit

History

AWS015.md

File metadata and controls

Description

Examples