github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/emr/AVD-AWS-0137/Terraform.md

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/emr/AVD-AWS-0137/Terraform.md (about)

     1  
     2  Enable at-rest encryption for EMR cluster
     3  
     4  ```hcl
     5    resource "aws_emr_security_configuration" "good_example" {
     6      name = "emrsc_other"
     7    
     8      configuration = <<EOF
     9    {
    10      "EncryptionConfiguration": {
    11        "AtRestEncryptionConfiguration": {
    12          "S3EncryptionConfiguration": {
    13            "EncryptionMode": "SSE-S3"
    14          },
    15          "LocalDiskEncryptionConfiguration": {
    16            "EncryptionKeyProviderType": "AwsKms",
    17            "AwsKmsKey": "arn:aws:kms:us-west-2:187416307283:alias/tf_emr_test_key"
    18          }
    19        },
    20        "EnableInTransitEncryption": true,
    21        "EnableAtRestEncryption": true
    22      }
    23    }
    24    EOF
    25    }
    26  ```
    27  
    28  #### Remediation Links
    29   - https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/emr_security_configuration
    30