Amazon Glue

📘 Storing Amazon Glue Data Catalog objects and connection passwords without encryption poses a significant security risk, as it can lead to unauthorized access and data breaches. Encrypting these elements is vital for protecting sensitive credentials and data integrity.

  • Section: Encryption
  • Severity: Critical
  • CWE: CWE-256 Unprotected Storage of Credentials
  • Assurance Scope: PCI, NIST, HIPAA
  • Threat Modeling Principal: Tampering, Spoofing, Information Disclosure
  • Rule Set: Threat Modeling - Cloud Configuration Check

📘 The absence of data-at-rest encryption in Amazon Glue Data Catalogs can expose sensitive data to potential breaches. Implementing encryption is crucial for safeguarding data stored in these catalogs, ensuring confidentiality and security.

  • Section: Encryption
  • Severity: High
  • CWE: CWE-311 Missing Encryption of Sensitive Data
  • Assurance Scope: PCI, NIST, HIPAA
  • Threat Modeling Principal: Tampering, Spoofing, Information Disclosure
  • Rule Set: Threat Modeling - Cloud Configuration Check

📘 Not using KMS CMKs for data-at-rest encryption in Amazon Glue Data Catalogs reduces control over data security. Employing KMS CMKs enhances encryption management, providing stronger protection for the data within these catalogs.

  • Section: Encryption
  • Severity: High
  • CWE: CWE-653 Insufficient Compartmentalization
  • Assurance Scope: PCI, NIST, HIPAA
  • Threat Modeling Principal: Tampering, Spoofing, Information Disclosure
  • Rule Set: Threat Modeling - Cloud Configuration Check
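
The three checks above can be evaluated against the settings object that the Glue `GetDataCatalogEncryptionSettings` API returns. The following is an added example, not code from this rule set: the function name, finding labels, key ARNs and the `key_managers` map (built in practice from the `KeyManager` field of KMS `DescribeKey`) are assumptions, and the sample settings are constructed.

```python
# Added example: audits one region's Glue Data Catalog encryption settings.
# Finding labels are hypothetical names for the three rules on this page.

def audit_glue_catalog(settings, key_managers):
    """Return a sorted list of findings.

    settings:     the 'DataCatalogEncryptionSettings' dict returned by
                  glue.get_data_catalog_encryption_settings().
    key_managers: maps a KMS key id/ARN to 'AWS' or 'CUSTOMER'
                  (KeyMetadata.KeyManager from kms.describe_key).
    """
    findings = set()
    at_rest = settings.get("EncryptionAtRest") or {}
    conn = settings.get("ConnectionPasswordEncryption") or {}

    # Rule: data-at-rest encryption must be enabled for catalog objects.
    mode = at_rest.get("CatalogEncryptionMode", "DISABLED")
    if mode == "DISABLED":
        findings.add("catalog-objects-unencrypted")
    # Rule: the key should be customer managed. A key that cannot be
    # resolved in key_managers is reported too (fail closed).
    elif key_managers.get(at_rest.get("SseAwsKmsKeyId")) != "CUSTOMER":
        findings.add("catalog-not-using-cmk")

    # Rule: connection passwords must be stored encrypted.
    if not conn.get("ReturnConnectionPasswordEncrypted", False):
        findings.add("connection-passwords-unencrypted")
    return sorted(findings)


# Constructed sample data (placeholder account id and key ids).
AWS_KEY = "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-aws-managed"
CMK_KEY = "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-customer-managed"
KEY_MANAGERS = {AWS_KEY: "AWS", CMK_KEY: "CUSTOMER"}

UNENCRYPTED = {
    "EncryptionAtRest": {"CatalogEncryptionMode": "DISABLED"},
    "ConnectionPasswordEncryption": {"ReturnConnectionPasswordEncrypted": False},
}
AWS_MANAGED = {
    "EncryptionAtRest": {"CatalogEncryptionMode": "SSE-KMS", "SseAwsKmsKeyId": AWS_KEY},
    "ConnectionPasswordEncryption": {"ReturnConnectionPasswordEncrypted": True, "AwsKmsKeyId": AWS_KEY},
}
COMPLIANT = {
    "EncryptionAtRest": {"CatalogEncryptionMode": "SSE-KMS", "SseAwsKmsKeyId": CMK_KEY},
    "ConnectionPasswordEncryption": {"ReturnConnectionPasswordEncrypted": True, "AwsKmsKeyId": CMK_KEY},
}

if __name__ == "__main__":
    for name, s in [("unencrypted", UNENCRYPTED), ("aws-managed", AWS_MANAGED), ("compliant", COMPLIANT)]:
        print(name, audit_glue_catalog(s, KEY_MANAGERS))
```

Encryption settings are per region, so a real audit runs this once for each region where the catalog is in use.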
