feat(dms): add new check dms_endpoint_redis_tls_enabled #5583

Merged


danibarranqueroo
Member

Context

This new check verifies whether AWS Database Migration Service (DMS) endpoints for Redis are configured with TLS (Transport Layer Security). The control fails if TLS is not enabled for the endpoint.

TLS provides end-to-end encryption for data in transit, ensuring secure communication between source and target databases during migration. Enabling TLS helps prevent unauthorized access to sensitive data, mitigating risks such as data breaches and interception.

RDS endpoints have a parameter inside the Redis Settings called SslSecurityProtocol. This allows enabling or disabling the connection to a Redis target endpoint using Transport Layer Security (TLS). Valid values include plaintext and ssl-encryption. The default is ssl-encryption. The ssl-encryption option makes an encrypted connection.

Description

Added new check dms_endpoint_redis_tls_enabled with its unit tests.

Checklist

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@danibarranqueroo danibarranqueroo requested review from a team as code owners October 30, 2024 12:01
@github-actions github-actions bot added the provider/aws Issues/PRs related with the AWS provider label Oct 30, 2024
@danibarranqueroo danibarranqueroo changed the title feat(rds): add new check dms_endpoint_redis_tls_enabled feat(dms): add new check dms_endpoint_redis_tls_enabled Oct 30, 2024
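
The pass/fail rule from the description above, sketched as an added example (not the code merged in this PR and not Prowler's implementation). `Finding`, `evaluate_redis_endpoints` and the sample records are hypothetical and constructed; the records follow the `Endpoints` shape returned by the DMS `DescribeEndpoints` API, and a missing `SslSecurityProtocol` is assumed to mean the documented default applies.

```python
from dataclasses import dataclass

# The two values the PR description lists for RedisSettings.SslSecurityProtocol.
TLS_VALUE = "ssl-encryption"
PLAINTEXT_VALUE = "plaintext"


@dataclass
class Finding:  # hypothetical result type for this example
    endpoint_id: str
    status: str  # "PASS" or "FAIL"
    detail: str


def evaluate_redis_endpoints(endpoints):
    """Return one Finding per Redis endpoint; other engines are out of scope."""
    findings = []
    for ep in endpoints:
        if (ep.get("EngineName") or "").lower() != "redis":
            continue  # the check only concerns Redis endpoints
        settings = ep.get("RedisSettings") or {}
        # Assumption: an absent value means the default (ssl-encryption) is in effect.
        protocol = settings.get("SslSecurityProtocol", TLS_VALUE)
        if protocol == TLS_VALUE:
            status, detail = "PASS", "TLS is enabled."
        else:
            # plaintext, or any unexpected value, is reported rather than trusted
            status = "FAIL"
            detail = f"SslSecurityProtocol is {protocol!r}, expected {TLS_VALUE!r}."
        findings.append(Finding(ep["EndpointIdentifier"], status, detail))
    return findings


# Constructed sample data (not real endpoints).
SAMPLE_ENDPOINTS = [
    {"EndpointIdentifier": "redis-tls", "EngineName": "redis",
     "RedisSettings": {"ServerName": "cache.example.internal", "Port": 6379,
                       "SslSecurityProtocol": TLS_VALUE}},
    {"EndpointIdentifier": "redis-plain", "EngineName": "redis",
     "RedisSettings": {"ServerName": "cache.example.internal", "Port": 6379,
                       "SslSecurityProtocol": PLAINTEXT_VALUE}},
    {"EndpointIdentifier": "redis-default", "EngineName": "redis",
     "RedisSettings": {"ServerName": "cache.example.internal", "Port": 6379}},
    {"EndpointIdentifier": "mysql-source", "EngineName": "mysql"},
]

if __name__ == "__main__":
    for f in evaluate_redis_endpoints(SAMPLE_ENDPOINTS):
        print(f"{f.status} {f.endpoint_id}: {f.detail}")
```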

codecov bot commented Oct 30, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 89.82%. Comparing base (9802fc1) to head (0224843).
Report is 10 commits behind head on master.

Additional details and impacted files
@@            Coverage Diff             @@
##           master    #5583      +/-   ##
==========================================
- Coverage   89.88%   89.82%   -0.07%     
==========================================
  Files        1114     1116       +2     
  Lines       34536    34578      +42     
==========================================
+ Hits        31044    31061      +17     
- Misses       3492     3517      +25     


@MrCloudSec MrCloudSec self-requested a review November 6, 2024 15:30
@MrCloudSec MrCloudSec merged commit 0ae26bd into master Nov 6, 2024
10 of 11 checks passed
@MrCloudSec MrCloudSec deleted the PRWLR-4475-ensure-dms-endpoints-for-redis-have-tls-enabled branch November 6, 2024 16:03