Link Search Menu Expand Document

Launch configuration with unencrypted block device.

Explanation

Blocks devices should be encrypted to ensure sensitive data is hel securely at rest.

Insecure Example

The following example will fail the AWS014 check.

resource "aws_launch_configuration" "my-launch-config" {
	root_block_device {
		encrypted = false
	}
}

Secure Example

The following example will pass the AWS014 check.

resource "aws_launch_configuration" "my-launch-config" {
	root_block_device {
		encrypted = true
	}
}