Control: EMR cluster security configurations should have encryption in transit enabled
Description
This control checks whether EMR cluster security configurations are encrypted in transit.
Usage
Run the control in your terminal:
powerpipe control run terraform_aws_compliance.control.emr_cluster_security_configuration_encryption_in_transit_enabledSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run terraform_aws_compliance.control.emr_cluster_security_configuration_encryption_in_transit_enabled --shareSQL
This control uses a named query:
select address as resource, case when ((attributes_std ->> 'configuration')::jsonb -> 'EncryptionConfiguration' ->> 'EnableInTransitEncryption')::bool then 'ok' else 'alarm' end as status, split_part(address, '.', 2) || case when ((attributes_std ->> 'configuration')::jsonb -> 'EncryptionConfiguration' ->> 'EnableInTransitEncryption')::bool then ' encryption in transit enabled' else ' encryption in transit disabled' end || '.' as reason , path || ':' || start_linefrom terraform_resourcewhere type = 'aws_emr_security_configuration';