AWS > XRay >

XRay Encryption Enabled

HIGH

Source

CloudSploit

xray-encryption-enabled

management console

XRay Encryption Enabled

Ensures CMK-based encryption is enabled for XRay traces.

AWS XRay supports default encryption based on an AWS-managed KMS key as well as encryption using a customer managed key (CMK). For maximum security, the CMK-based encryption should be used.

Recommended Actions

Update XRay encryption configuration to use a CMK.

Links

https://docs.aws.amazon.com/xray/latest/devguide/xray-console-encryption.html

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.