github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/eks/AVD-AWS-0039/CloudFormation.md (about) 1 2 Enable encryption of EKS secrets 3 4 ```yaml--- 5 Resources: 6 GoodExample: 7 Type: 'AWS::EKS::Cluster' 8 Properties: 9 Name: goodExample 10 Version: '1.14' 11 RoleArn: >- 12 arn:aws:iam::012345678910:role/eks-service-role-good-example 13 EncryptionConfig: 14 Provider: 15 KeyArn: alias/eks-kms 16 Resources: 17 - secrets 18 ResourcesVpcConfig: 19 SecurityGroupIds: 20 - sg-6979fe18 21 SubnetIds: 22 - subnet-6782e71e 23 - subnet-e7e761ac 24 25 ``` 26 27