Rule: Attached EBS Volumes Should Have Encryption Enabled

This rule states that all attached EBS volumes should have encryption enabled to ensure data security.

Rule	Attached EBS volumes should have encryption enabled
Framework	RBI Cyber Security Framework
Severity	✔ Medium

Rule Description:

To comply with the RBI (Reserve Bank of India) Cyber Security Framework, all attached EBS (Elastic Block Store) volumes in your AWS (Amazon Web Services) environment should have encryption enabled. This ensures that sensitive data stored on these volumes is protected and meets the recommended security measures outlined by RBI.

Troubleshooting Steps:

1.
Verify if all attached EBS volumes have encryption enabled.

2.
Identify any volumes that are not encrypted.

3.
Determine the root cause of why encryption is not enabled.

4.
Implement the necessary remediation steps to enable encryption on the affected volumes.

Necessary Codes:

No necessary codes are provided for this rule.

Step-by-Step Guide for Remediation:

To enable encryption on attached EBS volumes in your AWS environment, follow these steps:

Step 1: Identify Attached EBS Volumes

1.
Log in to the AWS Management Console.

2.
Navigate to the EC2 service.

3.
Click on "Volumes" in the left navigation pane.

4.
Review the list of attached EBS volumes.

Step 2: Verify Encryption Status

1.
Select each EBS volume from the list.

2.
Check the "Encryption" column under "Volume Details" to determine if encryption is already enabled.

3.
Note down any volumes that are not encrypted.

Step 3: Enable Encryption

1.
For each volume that is not encrypted:
- Stop any EC2 instances that are using the volume.
- Create an encrypted copy of the existing volume by following AWS documentation:
  
  Creating an Encrypted Amazon EBS Volume
- Note the new encrypted volume's details.
- Detach the old unencrypted volume from the EC2 instance.
- Attach the new encrypted volume to the EC2 instance.
- Start the EC2 instance.

Step 4: Validate Encryption

1.
Repeat Steps 1 and 2 to verify that encryption is now enabled for all attached EBS volumes.

2.
Ensure that all volumes display "true" under the "Encryption" column.

Conclusion:

Following the above steps will help you ensure compliance with the RBI Cyber Security Framework regarding encryption of attached EBS volumes in your AWS environment. By enabling encryption, you enhance the security of sensitive data stored on these volumes and meet the recommended security standards.

Rule: Attached EBS Volumes Should Have Encryption Enabled

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Step 1: Identify Attached EBS Volumes

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Step 2: Verify Encryption Status

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Step 3: Enable Encryption

.css-doq6ia{margin:0;font-family:Inter;font-weight:400;font-size:1.2857142857142858rem;line-height:1.5;color:#161857;text-align:left;font-size:26px;font-weight:700;margin-top:1rem;}Step 4: Validate Encryption

Is your System Free of Underlying Vulnerabilities? Find Out Now

Step 1: Identify Attached EBS Volumes

Step 2: Verify Encryption Status

Step 3: Enable Encryption

Step 4: Validate Encryption

Is your System Free of Underlying Vulnerabilities?
Find Out Now