AWS-WorkSpaces-WorkSpaces-Volume-Encryption

Severity: High

Description: This control ensures that expired ACM certificates are removed. Expired ACM certificates should be removed or, if applicable, renewed, so that services integrated with the certificate run without failures.

Remediation Steps:

Perform the following to create an encrypted WorkSpace volume:

  1. Log in to the AWS Management Console at https://console.aws.amazon.com.

  2. Navigate to the WorkSpaces console.

  3. Within the WorkSpaces console, in the left pane, click on WorkSpaces.

  4. Click on Launch WorkSpaces.

  5. For the Workspaces Configuration step, do the following:

    • Select the volumes to encrypt: Root Volume and User Volume

    • For Encryption Key, select a CMK that you created.

    • Click Next Step

  6. Choose Launch WorkSpaces.

Important:

  • Root/User Volume encryption cannot be changed once a WorkSpace has been created. You'll need to terminate the resource and create a new one.
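The check behind this control and the terminate-and-recreate remediation can also be scripted. The following is an added example, not part of the original control text: it audits WorkSpaces records in the shape returned by the boto3 `describe_workspaces` call and builds the `create_workspaces` entry for an encrypted replacement. The sample records, IDs and key ARN are constructed placeholders, and the helper names are hypothetical.

```python
# Added example: audit WorkSpaces volume encryption and prepare encrypted replacements.
# SAMPLE_WORKSPACES is constructed data shaped like describe_workspaces output.
SAMPLE_WORKSPACES = [
    {"WorkspaceId": "ws-example001", "DirectoryId": "d-example001", "UserName": "alice",
     "BundleId": "wsb-example01", "RootVolumeEncryptionEnabled": True,
     "UserVolumeEncryptionEnabled": True,
     "VolumeEncryptionKey": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"},
    {"WorkspaceId": "ws-example002", "DirectoryId": "d-example001", "UserName": "bob",
     "BundleId": "wsb-example01", "RootVolumeEncryptionEnabled": True},
    {"WorkspaceId": "ws-example003", "DirectoryId": "d-example001", "UserName": "carol",
     "BundleId": "wsb-example01"},
]

VOLUME_FLAGS = {"Root": "RootVolumeEncryptionEnabled",
                "User": "UserVolumeEncryptionEnabled"}

def unencrypted_volumes(ws):
    """Return the volumes ('Root', 'User') that are not encrypted.
    A flag that is absent from the record is treated as not encrypted."""
    return [name for name, flag in VOLUME_FLAGS.items() if not ws.get(flag, False)]

def audit(workspaces):
    """Map WorkspaceId -> list of unencrypted volumes, for failing WorkSpaces only."""
    findings = {}
    for ws in workspaces:
        missing = unencrypted_volumes(ws)
        if missing:
            findings[ws["WorkspaceId"]] = missing
    return findings

def replacement_request(ws, kms_key):
    """Build the create_workspaces entry for an encrypted replacement.
    Encryption cannot be enabled in place, so the WorkSpace is recreated."""
    return {"DirectoryId": ws["DirectoryId"], "UserName": ws["UserName"],
            "BundleId": ws["BundleId"], "VolumeEncryptionKey": kms_key,
            "RootVolumeEncryptionEnabled": True, "UserVolumeEncryptionEnabled": True}

def fetch_workspaces(region):
    """Live listing; needs boto3 and credentials, so it is not run on the sample."""
    import boto3
    client = boto3.client("workspaces", region_name=region)
    pages = client.get_paginator("describe_workspaces").paginate()
    return [ws for page in pages for ws in page["Workspaces"]]

if __name__ == "__main__":
    for ws_id, volumes in audit(SAMPLE_WORKSPACES).items():
        print(ws_id, "unencrypted volumes:", ", ".join(volumes))
```

To run it against an account, pass the result of `fetch_workspaces(region)` to `audit` in place of the sample list.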

Reference:

Blue Hexagon Proprietary