There is no encryption specified or encryption is disabled on the RDS Cluster.
Explanation
Encryption should be enabled for an RDS Aurora cluster.
When enabling encryption by setting the kms_key_id, the storage_encrypted must also be set to true.
Insecure Example
The following example will fail the AWS051 check.
resource "aws_rds_cluster" "foo" {
name = "bar"
kms_key_id = ""
}
Secure Example
The following example will pass the AWS051 check.
resource "aws_rds_cluster" "foo" {
name = "bar"
kms_key_id = "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
storage_encrypted = true
}