Unsecured Encryption at rest is detected for the data stored in SageMaker. Make sure that all data in SageMaker at rest.
1resource "aws_sagemaker_notebook_instance" "ni" {
2 name = "my-notebook-instance"
3 role_arn = aws_iam_role.test_role.arn
4 instance_type = "ml.t2.medium"
5 root_access = "Disabled"
6 subnet_id = aws_subnet.pike.id
7 # Noncompliant: SageMaker Notebook is not encrypted at rest using KMS CMK.
8 tags = {
9 Name = "foo"
10 }
11}
1resource "aws_sagemaker_notebook_instance" "ni" {
2 name = "my-notebook-instance"
3 role_arn = aws_iam_role.test_role.arn
4 instance_type = "ml.t2.medium"
5 root_access = "Disabled"
6 subnet_id = aws_subnet.pike.id
7 # Compliant: SageMaker Notebook is encrypted at rest using KMS CMK.
8 kms_key_id = "1234abcd-12ab-34cd-56ef-1234567890ab"
9
10 tags = {
11 Name = "foo"
12 }
13}