search

aws-samples / aws-refarch-wordpress

This reference architecture provides best practices and a set of YAML CloudFormation templates for deploying WordPress on AWS.
MIT No Attribution
1.08k stars 609 forks source link

EFS - Encryption of Data in Transit (Question) #41

Open michael-newman opened 6 years ago

michael-newman commented 6 years ago

@darrylsosborne,

Can you confirm this template enables encryption of data in transit to/from EFS?

I just came across this AWS News Blog announcing Encryption of Data in Transit for Amazon EFS dated after your Version 2.0.2 template, so wanted to check. Reference article: https://aws.amazon.com/blogs/aws/new-encryption-of-data-in-transit-for-amazon-efs/

Thank you, Mike

michael-newman commented 6 years ago

@darrylsosborne ... would welcome your thoughts!

ecout commented 5 years ago

@michael-newman It says PRETTY clearly it is over a private network? Who's going to perform a MIM attack on that on a VPC?

sudosoul commented 5 years ago

@ecout AWS's official recommendation is to use Encryption of Data in Transit for PII/Sensitive data even while on a private network.

AWS recommends that organizations implement encryption of sensitive information in motion wherever possible.

https://aws.amazon.com/blogs/security/how-to-address-the-pci-dss-requirements-for-data-encryption-in-transit-using-amazon-vpc/