You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I figure I'm missing something, or, the issue should be removed / severity reduced for this particular scenario. In other words, AWS forces encryption if a key is omitted.
We had a similar issue last month and our AppSec team agreed to remove this query for the supported platforms (Ansible, CloudFormation and Terraform).
I linked the PR to this case. It has already been deployed in KICS version 2.0.0.
Hi there, let me know what you think?
I figure I'm missing something, or, the issue should be removed / severity reduced for this particular scenario. In other words, AWS forces encryption if a key is omitted.
The query that relates to this is https://docs.kics.io/latest/queries/cloudformation-queries/aws/64ab651b-f5b2-4af0-8c89-ddd03c4d0e61/.
Expected Behavior
Not a high severity issue, at least, in this particular case. For now I've excluded the query.
Why? If you don't specify a KMS key at configuration, AWS automatically adds one. (ref)
Actual Behavior
The issue is classified as High severity
Steps to Reproduce the Problem
aws s3api get-bucket-encryption --bucket <bucket-name>
and returns:To scan it:
Specifications
(N/A if not applicable)
Keeping Infrastructure as Code Secure v1.7.13
Ubuntu 22.04.3 LTS
The text was updated successfully, but these errors were encountered: