Detecting Unencrypted File Systems - Encrypting File Data with Amazon Elastic File System

Detecting Unencrypted File Systems

Your organization may have a requirement to identify Amazon EFS resources that are not encrypted. You can detect unencrypted file systems by using AWS Config Managed Rules. AWS Config provides AWS Managed Rules, which are predefined, customizable rules that AWS Config uses to evaluate whether your AWS resources comply with common best practices and flag the resources failing the rules as NON_COMPLIANT.

You can use the AWS Managed Config rule efs-encrypted-check to check whether Amazon Elastic File System (Amazon EFS) is configured to encrypt the file data using AWS Key Management Service (AWS KMS). For more information about setting up and activating the AWS Managed Rules, see Working with AWS Config Managed Rules.
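The following Python sketch is an added example, not code from AWS or from this whitepaper. It builds the ConfigRule definition for the managed rule (identifier EFS_ENCRYPTED_CHECK, passed to the AWS Config PutConfigRule API) and applies the same pass/fail logic locally to DescribeFileSystems output. The sample file systems, account number and key ARNs are constructed, the function names are hypothetical, and the exact-match comparison for the rule's optional KmsKeyId parameter is an assumption.

```python
import json

# Constructed sample in the shape of the "FileSystems" list returned by the
# EFS DescribeFileSystems API; the IDs, account number and key ARNs are made up.
SAMPLE_FILE_SYSTEMS = [
    {"FileSystemId": "fs-0aaa1111", "Encrypted": True,
     "KmsKeyId": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-A"},
    {"FileSystemId": "fs-0bbb2222", "Encrypted": False},
    {"FileSystemId": "fs-0ccc3333", "Encrypted": True,
     "KmsKeyId": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-B"},
]


def managed_rule_definition(kms_key_id=None):
    """Build the ConfigRule argument for configservice put_config_rule."""
    rule = {
        "ConfigRuleName": "efs-encrypted-check",
        "Source": {"Owner": "AWS", "SourceIdentifier": "EFS_ENCRYPTED_CHECK"},
    }
    if kms_key_id:  # optional rule parameter: require one specific KMS key
        rule["InputParameters"] = json.dumps({"KmsKeyId": kms_key_id})
    return rule


def evaluate(file_systems, kms_key_id=None):
    """Map FileSystemId -> (compliance, reason), mirroring the rule's outcome."""
    results = {}
    for fs in file_systems:
        if not fs.get("Encrypted", False):
            verdict = ("NON_COMPLIANT", "encryption at rest is disabled")
        elif kms_key_id and fs.get("KmsKeyId") != kms_key_id:
            verdict = ("NON_COMPLIANT", "encrypted with a different KMS key")
        else:
            verdict = ("COMPLIANT", "encrypted at rest")
        results[fs["FileSystemId"]] = verdict
    return results


def describe_all_file_systems(region):
    """Fetch every file system in a Region (needs boto3 and AWS credentials)."""
    import boto3  # imported lazily so the offline sample runs without it
    pages = boto3.client("efs", region_name=region).get_paginator(
        "describe_file_systems").paginate()
    return [fs for page in pages for fs in page["FileSystems"]]


if __name__ == "__main__":
    for fs_id, (state, reason) in evaluate(SAMPLE_FILE_SYSTEMS).items():
        print(f"{fs_id}\t{state}\t{reason}")
```

AWS Config evaluates resources only per Region and account where the rule is deployed, so a local sweep with describe_all_file_systems has to be repeated for each Region in use.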