HIGH
Source
Trivy
ID
AVD-AWS-0121

SAM Simple table must have server side encryption enabled.

Encryption should be enabled at all available levels to ensure that data is protected if compromised.

Impact

Data stored in the table that is unencrypted may be vulnerable to compromise

Follow the appropriate remediation steps below to resolve the issue.

Enable server side encryption

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
---
AWSTemplateFormatVersion: "2010-09-09"
Description: A sample template
AWSTemplateFormatVersion: 2010-09-09
Description: Good Example of SAM Table
Resources:
  GoodFunction:
    Type: AWS::Serverless::SimpleTable
    Properties:
      TableName: GoodTable
      SSESpecification:
        SSEEnabled: true