RDS Instance Enabled TDE or Disk Encryption
ID: rule:aliyun:rds-instance-enabled-tde-disk-encryption
Severity: medium
IaC Types: ROS, Terraform
Description
RDS instance should have TDE (Transparent Data Encryption) or disk encryption enabled.
Reason for Violation
RDS instance does not have TDE or disk encryption enabled, which may expose data to security risks.
Recommendation
Set tde_status to "Enabled" or configure encryption_key for the RDS instance.
Resource Types
- ROS:
ALIYUN::RDS::DBInstance - ROS:
ALIYUN::RDS::PrepayDBInstance - Terraform:
alicloud_db_instance