[datagov-brokerpak-solr] EFS in task definition does not encrypt data in transit #4102

Closed
2 tasks
nickumia-reisys opened this issue Dec 7, 2022 · 2 comments
Labels
bug Software defect or bug compliance Relating to security compliance or documentation

nickumia-reisys commented Dec 7, 2022

Date of report: 12/06/2022
Severity: Moderate

Due date is based on severity and described in RA-5: 15 days for Critical, 30 days for High, and 90 days for Moderate and lower.

  • EFS in task definition does not encrypt data in transit (Moderate)
    • Detailed paths
      • Path: terraform/ecs/provision/follower.tf
      • Introduced through: resource › aws_ecs_task_definition[solr-follower] › volume › efs_volume_configuration › transit_encryption
    • This issue is...
      • Data between ECS host and EFS server is not encrypted in transit
    • The impact of this is...
      • The content could be intercepted and manipulated in transit
    • You can resolve it by...
      • Set volume.efs_volume_configuration.transit_encryption attribute to ENABLED.
  • EFS in task definition does not encrypt data in transit (Moderate)
    • Detailed paths
      • Path: terraform/ecs/provision/leader.tf
      • Introduced through: resource › aws_ecs_task_definition[solr] › volume › efs_volume_configuration › transit_encryption
    • This issue is...
      • Data between ECS host and EFS server is not encrypted in transit
    • The impact of this is...
      • The content could be intercepted and manipulated in transit
    • You can resolve it by...
      • Set volume.efs_volume_configuration.transit_encryption attribute to ENABLED.
@nickumia-reisys nickumia-reisys added compliance Relating to security compliance or documentation bug Software defect or bug labels Dec 7, 2022
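
A check for the finding reported above, as an added example that is not part of the issue or of the datagov-brokerpak-solr code: it walks the JSON produced by `terraform show -json` and reports every `aws_ecs_task_definition` EFS volume whose `transit_encryption` is not `ENABLED`. The sample plan, the `module.example` and `example-fixed` names, the volume name and the file system id are constructed for illustration.

```python
# Added example: flag ECS task definitions whose EFS volumes lack in-transit encryption.

def iter_resources(module):
    """Yield resources from a plan module and, recursively, its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def unencrypted_efs_volumes(plan):
    """Return (resource address, volume name) for each EFS volume without ENABLED."""
    findings = []
    root = plan.get("planned_values", {}).get("root_module", {})
    for res in iter_resources(root):
        if res.get("type") != "aws_ecs_task_definition":
            continue
        for vol in res.get("values", {}).get("volume") or []:
            for efs in vol.get("efs_volume_configuration") or []:
                # An unset attribute shows up as null; ECS then defaults to DISABLED.
                if efs.get("transit_encryption") != "ENABLED":
                    findings.append((res["address"], vol.get("name")))
    return findings


def _task(address, transit):
    """Build one constructed plan entry; volume name and file system id are placeholders."""
    efs = {"file_system_id": "fs-PLACEHOLDER", "transit_encryption": transit}
    return {
        "address": address,
        "type": "aws_ecs_task_definition",
        "values": {"volume": [{"name": "data", "efs_volume_configuration": [efs]}]},
    }


# Constructed sample in the shape of `terraform show -json` output.
SAMPLE_PLAN = {
    "planned_values": {"root_module": {
        "resources": [
            _task("aws_ecs_task_definition.solr", None),
            _task("aws_ecs_task_definition.example-fixed", "ENABLED"),
        ],
        "child_modules": [{"resources": [
            _task("module.example.aws_ecs_task_definition.solr-follower", "DISABLED"),
        ]}],
    }}
}

if __name__ == "__main__":
    for address, volume in unencrypted_efs_volumes(SAMPLE_PLAN):
        print(f"{address}: volume {volume!r} has transit_encryption != ENABLED")
```

Run against a real plan by loading the output of `terraform show -json` with `json.load` and passing it to `unencrypted_efs_volumes`; an empty result means every EFS volume in the plan sets `ENABLED`.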
@nickumia-reisys

I remember we've had issues with this in the past... here's some links for historical reference:


hkdctol commented Jan 19, 2023

This seems duplicative of #4119

@hkdctol hkdctol closed this as completed Jan 19, 2023
@github-project-automation github-project-automation bot moved this from 📔 Product Backlog to ✔ Done in data.gov team board Jan 19, 2023
@nickumia-reisys nickumia-reisys self-assigned this Oct 9, 2023
@nickumia-reisys nickumia-reisys moved this from ✔ Done to 🗄 Closed in data.gov team board Oct 9, 2023