Home»AWS Documentation»General»EFS volumes in ECS task definitions do not have encryption in transit enabled EFS volumes in ECS task definitions do not have encryption in transit enabled Description This check examines ECS tasks, and checks the definitions for EFS and if attached that the transit is encrypted. Fix - Runtime AWS Console TBA Fix - Buildtime Terraform **Resource: ** aws_ecs_task_definitionArgument: efs_volume_configuration/transit_encryption needs to ENABLED if there is an attached EFS. resource “aws_ecs_task_definition” “example” {…family = “service”volume {…+ transit_encryption = “ENABLED”}}}…} CloudFormation **Resource: ** AWS::ECS::TaskDefinitionArgument: Properties.Volumes.EFSVolumeConfiguration.TransitEncryption.EFSVolumeConfiguration needs to ENABLED if there is an attached EFS. Resources:TaskDefinition:Type: AWS::ECS::TaskDefinitionProperties:…Volumes:– …EFSVolumeConfiguration:…+ TransitEncryption: “ENABLED”