Ensure storage encryption is enabled for AWS Neptune cluster

HIGH

Description

Leaving AWS Neptune cluster storage unencrypted puts the confidentiality of the data stored in the cluster at risk.

Remediation

In AWS Console -

  1. Sign in to AWS Console and go to the Neptune console.
  2. Select the Neptune DB instance.
  3. Select 'Enable Encryption' and make sure it says 'Yes'.

In Terraform -

  1. In the aws_neptune_cluster resource, set 'storage_encrypted' to 'true'.

References:
https://docs.aws.amazon.com/neptune/latest/userguide/data-protection.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/neptune_cluster

Policy Details

Rule Reference ID: AC_AWS_0182
CSP: AWS
Remediation Available: Yes
Resource Category: Database
Resource Type: Neptune

Frameworks