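Queues should be encrypted with customer managed KMS keys rather than the default AWS managed keys, so that access to specific queues can be controlled granularly. The key policy of an AWS managed key cannot be edited, whereas a customer managed key's policy can be scoped to the principals that need a particular queue.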
# Non-compliant example: the queue sets no kms_master_key_id, so it is not
# encrypted under a customer managed KMS key and access to its contents cannot
# be restricted through a key policy you control.
resource "aws_sqs_queue" "my-queue" {
# no key specified
}
# Compliant example: kms_master_key_id names the KMS key used to encrypt the queue.
# "/blah" is a placeholder; supply the ID, ARN or alias of a customer managed key.
# Pointing it at the AWS managed alias "alias/aws/sqs" would still use an AWS
# managed key, which is what this guidance advises against.
# NOTE(review): the chosen key's policy must grant the queue's producers and
# consumers kms:GenerateDataKey and kms:Decrypt; confirm before rollout.
resource "aws_sqs_queue" "my-queue" {
kms_master_key_id = "/blah"
}