aquasecurity
diff --git a/‎plugins/aws/apprunner/serviceEncrypted.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/apprunner/serviceEncrypted.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/auditmanager/auditmanagerDataEncrypted.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/auditmanager/auditmanagerDataEncrypted.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/auditmanager/auditmanagerDataEncrypted.spec.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/auditmanager/auditmanagerDataEncrypted.spec.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/backup/backupVaultEncrypted.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/backup/backupVaultEncrypted.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/cloudwatchlogs/logGroupsEncrypted.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/cloudwatchlogs/logGroupsEncrypted.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/codeartifact/codeartifactDomainEncrypted.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/codeartifact/codeartifactDomainEncrypted.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/codeartifact/codeartifactDomainEncrypted.spec.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/codeartifact/codeartifactDomainEncrypted.spec.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/codebuild/projectArtifactsEncrypted.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/codebuild/projectArtifactsEncrypted.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/codebuild/projectArtifactsEncrypted.spec.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/codebuild/projectArtifactsEncrypted.spec.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/codepipeline/pipelineArtifactsEncrypted.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/codepipeline/pipelineArtifactsEncrypted.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/codepipeline/pipelineArtifactsEncrypted.spec.js
Lines changed: 2 additions & 2 deletions b/‎plugins/aws/codepipeline/pipelineArtifactsEncrypted.spec.js
Lines changed: 2 additions & 2 deletions
diff --git a/‎plugins/aws/connect/customerProfilesDomainEncrypted.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/connect/customerProfilesDomainEncrypted.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/connect/instanceAttachmentsEncrypted.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/connect/instanceAttachmentsEncrypted.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/connect/instanceAttachmentsEncrypted.spec.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/connect/instanceAttachmentsEncrypted.spec.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/connect/instanceCallRecordingEncrypted.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/connect/instanceCallRecordingEncrypted.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/connect/instanceCallRecordingEncrypted.spec.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/connect/instanceCallRecordingEncrypted.spec.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/connect/instanceMediaStreamsEncrypted.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/connect/instanceMediaStreamsEncrypted.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/connect/instanceMediaStreamsEncrypted.spec.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/connect/instanceMediaStreamsEncrypted.spec.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/connect/instanceReportsEncrypted.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/connect/instanceReportsEncrypted.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/connect/instanceReportsEncrypted.spec.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/connect/instanceReportsEncrypted.spec.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/connect/instanceTranscriptsEncrypted.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/connect/instanceTranscriptsEncrypted.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/connect/instanceTranscriptsEncrypted.spec.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/connect/instanceTranscriptsEncrypted.spec.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/documentDB/docdbClusterEncrypted.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/documentDB/docdbClusterEncrypted.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/ec2/ebsEncryptionEnabled.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/ec2/ebsEncryptionEnabled.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/ecr/ecrRepositoryEncrypted.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/ecr/ecrRepositoryEncrypted.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/elasticache/redisClusterEncryptionAtRest.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/elasticache/redisClusterEncryptionAtRest.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/elasticache/redisClusterEncryptionAtRest.spec.js
Lines changed: 2 additions & 2 deletions b/‎plugins/aws/elasticache/redisClusterEncryptionAtRest.spec.js
Lines changed: 2 additions & 2 deletions
diff --git a/‎plugins/aws/firehose/deliveryStreamEncrypted.js
Lines changed: 1 addition & 1 deletion b/‎plugins/aws/firehose/deliveryStreamEncrypted.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎plugins/aws/firehose/deliveryStreamEncrypted.spec.js
Lines changed: 2 additions & 2 deletions b/‎plugins/aws/firehose/deliveryStreamEncrypted.spec.js
Lines changed: 2 additions & 2 deletions
@@ -17,7 +17,7 @@ module.exports = {
             name: ' App Runner service desired Encryption level',
             description: 'In order (lowest to highest) awskms=AWS-managed KMS; awscmk=Customer managed KMS; externalcmk=Customer managed externally sourced KMS; cloudhsm=Customer managed CloudHSM sourced KMS',
             regex: '^(awskms|awscmk|externalcmk|cloudhsm)$',
-            default: 'awscmk'
+            default: 'awskms'
         }
     },
     realtime_triggers: ['apprunner:CreateService','apprunner:DeleteService'],
 
@@ -17,7 +17,7 @@ module.exports = {
             name: 'Audit Manager Data Encryption Level',
             description: 'In order (lowest to highest) awskms=AWS-managed KMS; awscmk=Customer managed KMS; externalcmk=Customer managed externally sourced KMS; cloudhsm=Customer managed CloudHSM sourced KMS',
             regex: '^(awskms|awscmk|externalcmk|cloudhsm)$',
-            default: 'awscmk',
+            default: 'awskms',
         }
     },
     realtime_triggers: ['auditmanager:registerAccount','auditmanager:UpdateSettings','auditmanager:DeregisterAccount'],
 
@@ -98,7 +98,7 @@ describe('auditmanagerDataEncrypted', function () {
 
         it('should FAIL if Audit Manager data is not encrypted with desired encryption level', function (done) {
             const cache = createCache(getSettings, listKeys, describeKey[1]);
-            auditmanagerDataEncrypted.run(cache, {}, (err, results) => {
+            auditmanagerDataEncrypted.run(cache, {auditmanager_data_encryption_level: 'awscmk'}, (err, results) => {
                 expect(results.length).to.equal(1);
                 expect(results[0].status).to.equal(2);
                 expect(results[0].region).to.equal('us-east-1');
 
@@ -16,7 +16,7 @@ module.exports = {
             name: 'CodeArtifact Domain Target Encryption Level',
             description: 'In order (lowest to highest) awskms=AWS-managed KMS; awscmk=Customer managed KMS; externalcmk=Customer managed externally sourced KMS; cloudhsm=Customer managed CloudHSM sourced KMS',
             regex: '^(awskms|awscmk|externalcmk|cloudhsm)$',
-            default: 'awscmk',
+            default: 'awskms',
         }
     },
     realtime_triggers: ['backup:CreateBackupVault','backup:DeleteBackupVault'],
 
@@ -18,7 +18,7 @@ module.exports = {
             name: 'CloudWatch Log Groups Target Ecryption Level',
             description: 'In order (lowest to highest) awskms=AWS managed KMS; awscmk=Customer managed KMS; externalcmk=Customer managed externally sourced KMS; cloudhsm=Customer managed CloudHSM sourced KMS',
             regex: '^(awskms|awscmk|externalcmk|cloudhsm)$',
-            default: 'awscmk'
+            default: 'awskms'
         },
         cloudwatchlog_whitelist: {
             name: 'Lambda Functions Whitelisted',
 
@@ -17,7 +17,7 @@ module.exports = {
             name: 'CodeArtifact Domain Target Encryption Level',
             description: 'In order (lowest to highest) awskms=AWS-managed KMS; awscmk=Customer managed KMS; externalcmk=Customer managed externally sourced KMS; cloudhsm=Customer managed CloudHSM sourced KMS',
             regex: '^(awskms|awscmk|externalcmk|cloudhsm)$',
-            default: 'awscmk',
+            default: 'awskms',
         }
     },
     realtime_triggers: ['codeartifact:CreateDomain', 'codeartifact:DeleteDomain'],
 
@@ -101,7 +101,7 @@ describe('codeartifactDomainEncrypted', function () {
 
         it('should FAIL if CodeArtifact domain is not encrypted with desired encyption level', function (done) {
             const cache = createCache(listDomains, listKeys, describeKey[1]);
-            codeartifactDomainEncrypted.run(cache, {}, (err, results) => {
+            codeartifactDomainEncrypted.run(cache, {codeartifact_domain_encryption_level:'awscmk'}, (err, results) => {
                 expect(results.length).to.equal(1);
                 expect(results[0].status).to.equal(2);
                 expect(results[0].region).to.equal('us-east-1');
 
@@ -17,7 +17,7 @@ module.exports = {
             name: 'Project Artifacts Target Encryption Level',
             description: 'In order (lowest to highest) awskms=AWS-managed KMS; awscmk=Customer managed KMS; externalcmk=Customer managed externally sourced KMS; cloudhsm=Customer managed CloudHSM sourced KMS',
             regex: '^(awskms|awscmk|externalcmk|cloudhsm)$',
-            default: 'awscmk',
+            default: 'awskms',
         }
     },
     realtime_triggers: ['codebuild:CreateProject', 'codebuild:UpdateProject','codebuild:DeleteProject'],
 
@@ -158,7 +158,7 @@ describe('projectArtifactsEncrypted', function () {
 
         it('should FAIL if CodeBuild project artifact is not encrypted with desired encryption level', function (done) {
             const cache = createCache(listProjects, listKeys, batchGetProjects[1], describeKey[1]);
-            projectArtifactsEncrypted.run(cache, { projects_artifact_desired_encryption_level: 'awscmk' }, (err, results) => {
+            projectArtifactsEncrypted.run(cache, { project_artifacts_desired_encryption_level: 'awscmk' }, (err, results) => {
                 expect(results.length).to.equal(1);
                 expect(results[0].status).to.equal(2);
                 expect(results[0].region).to.equal('us-east-1');
 
@@ -18,7 +18,7 @@ module.exports = {
             name: 'Pipeline Artifacts Desired Encrypted Level',
             description: 'In order (lowest to highest) awskms=AWS-managed KMS; awscmk=Customer managed KMS; externalcmk=Customer managed externally sourced KMS; cloudhsm=Customer managed CloudHSM sourced KMS',
             regex: '^(awskms|awscmk|externalcmk|cloudhsm)$',
-            default: 'awscmk'
+            default: 'awskms'
         }
     },
     realtime_triggers: ['codepipeline:CreatePipeline','codepipeline:DeletePipeline'],
 
@@ -135,7 +135,7 @@ describe('pipelineArtifactsEncrypted', function () {
     describe('run', function () {
         it('should PASS if Pipeline Artifacts is encrypted with desired encryption level', function (done) {
             const cache = createCache([listPipelines[0]], listKeys, listAliases, getPipeline[0], describeKey[0]);
-            pipelineArtifactsEncrypted.run(cache, { pipeline_artifacts_encryption : 'awscmk' }, (err, results) => {
+            pipelineArtifactsEncrypted.run(cache, { pipeline_artifacts_desired_encryption_level : 'awscmk' }, (err, results) => {
                 expect(results.length).to.equal(1);
                 expect(results[0].status).to.equal(0);
                 expect(results[0].region).to.equal('us-east-1');
@@ -145,7 +145,7 @@ describe('pipelineArtifactsEncrypted', function () {
 
         it('should FAIL if Pipeline Artifacts not encrypted with desired encryption level', function (done) {
             const cache = createCache([listPipelines[0]], listKeys, listAliases, getPipeline[0], describeKey[1]);
-            pipelineArtifactsEncrypted.run(cache, { pipeline_artifacts_encryption : 'awscmk' }, (err, results) => {
+            pipelineArtifactsEncrypted.run(cache, { pipeline_artifacts_desired_encryption_level : 'awscmk' }, (err, results) => {
                 expect(results.length).to.equal(1);
                 expect(results[0].status).to.equal(2);
                 expect(results[0].region).to.equal('us-east-1');
 
@@ -16,7 +16,7 @@ module.exports = {
             name: 'Connect Customer Profiles Encrypted',
             description: 'In order (lowest to highest) awscmk=Customer managed KMS; externalcmk=Customer managed externally sourced KMS; cloudhsm=Customer managed CloudHSM sourced KMS',
             regex: '^(awscmk|externalcmk|cloudhsm)$',
-            default: 'awscmk'
+            default: 'awskms'
         }
     },
     realtime_triggers: ['customerprofiles:CreateDomain', 'customerprofiles:UpdateDomain', 'customerprofile:DeleteDomain'],
 
@@ -17,7 +17,7 @@ module.exports = {
             name: 'Connect Attachments Target Encryption Level',
             description: 'In order (lowest to highest) awskms=AWS managed KMS; awscmk=Customer managed KMS; externalcmk=Customer managed externally sourced KMS; cloudhsm=Customer managed CloudHSM sourced KMS',
             regex: '^(awskms|awscmk|externalcmk|cloudhsm)$',
-            default: 'awscmk'
+            default: 'awskms'
         }
     },
     realtime_triggers: ['connect:CreateInstance', 'connect:AssociateInstanceStorageConfig', 'connect:UpdateInstanceStorageConfig', 'connect:DeleteInstance', 'connect:DisassociateInstanceStorageConfig'],
 
@@ -136,7 +136,7 @@ describe('instanceAttachmentsEncrypted', function () {
     describe('run', function () {
         it('should FAIL if Connect instance is not using desired encryption level', function (done) {
             const cache = createCache(listInstances, instanceAttachmentStorageConfigs[0], listKeys, describeKey[1]);
-            instanceAttachmentsEncrypted.run(cache, {}, (err, results) => {
+            instanceAttachmentsEncrypted.run(cache, {connect_attachments_encryption_level : 'awscmk'}, (err, results) => {
                 expect(results.length).to.equal(1);
                 expect(results[0].status).to.equal(2);
                 done();
 
@@ -17,7 +17,7 @@ module.exports = {
             name: 'Connect Call Resording Encryption Level',
             description: 'In order (lowest to highest) awskms=AWS managed KMS; awscmk=Customer managed KMS; externalcmk=Customer managed externally sourced KMS; cloudhsm=Customer managed CloudHSM sourced KMS',
             regex: '^(awskms|awscmk|externalcmk|cloudhsm)$',
-            default: 'awscmk'
+            default: 'awskms'
         }
     },
     realtime_triggers: ['connect:CreateInstance', 'connect:AssociateInstanceStorageConfig', 'connect:UpdateInstanceStorageConfig','connect:DeleteInstance', 'connect:DisassociateInstanceStorageConfig'],
 
@@ -136,7 +136,7 @@ describe('instanceCallRecordingEncrypted', function () {
     describe('run', function () {
         it('should FAIL if Connect instance is not using desired encryption level', function (done) {
             const cache = createCache(listInstances, listInstanceCallRecordingStorageConfigs[0], listKeys, describeKey[1]);
-            instanceCallRecordingEncrypted.run(cache, {}, (err, results) => {
+            instanceCallRecordingEncrypted.run(cache, {connect_call_recording_encryption_level: 'awscmk'}, (err, results) => {
                 expect(results.length).to.equal(1);
                 expect(results[0].status).to.equal(2);
                 done();
 
@@ -17,7 +17,7 @@ module.exports = {
             name: 'Connect Media Streams Target Encryption Level',
             description: 'In order (lowest to highest) awskms=AWS managed KMS; awscmk=Customer managed KMS; externalcmk=Customer managed externally sourced KMS; cloudhsm=Customer managed CloudHSM sourced KMS',
             regex: '^(awskms|awscmk|externalcmk|cloudhsm)$',
-            default: 'awscmk'
+            default: 'awskms'
         }
     },
     realtime_triggers: ['connect:CreateInstance', 'connect:AssociateInstanceStorageConfig', 'connect:UpdateInstanceStorageConfig','connect:DeleteInstance', 'connect:DisassociateInstanceStorageConfig'],
 
@@ -142,7 +142,7 @@ describe('instanceMediaStreamsEncrypted', function () {
     describe('run', function () {
         it('should FAIL if Connect instance is not using desired encryption level', function (done) {
             const cache = createCache(listInstances, listInstanceMediaStreamStorageConfigs[0], listKeys, describeKey[1]);
-            instanceMediaStreamsEncrypted.run(cache, {}, (err, results) => {
+            instanceMediaStreamsEncrypted.run(cache, {connect_media_streams_encryption_level: 'awscmk'}, (err, results) => {
                 expect(results.length).to.equal(1);
                 expect(results[0].status).to.equal(2);
                 done();
 
@@ -17,7 +17,7 @@ module.exports = {
             name: 'Connect Exported Reports Target Encryption Level',
             description: 'In order (lowest to highest) awskms=AWS managed KMS; awscmk=Customer managed KMS; externalcmk=Customer managed externally sourced KMS; cloudhsm=Customer managed CloudHSM sourced KMS',
             regex: '^(awskms|awscmk|externalcmk|cloudhsm)$',
-            default: 'awscmk'
+            default: 'awskms'
         }
     },
     realtime_triggers: ['connect:CreateInstance', 'connect:AssociateInstanceStorageConfig', 'connect:UpdateInstanceStorageConfig','connect:DeleteInstance', 'connect:DisassociateInstanceStorageConfig'],
 
@@ -136,7 +136,7 @@ describe('instanceReportsEncrypted', function () {
     describe('run', function () {
         it('should FAIL if Connect instance is not using desired encryption level', function (done) {
             const cache = createCache(listInstances, listInstanceExportedReportStorageConfigs[0], listKeys, describeKey[1]);
-            instanceReportsEncrypted.run(cache, {}, (err, results) => {
+            instanceReportsEncrypted.run(cache, {connect_exported_reports_encryption_level : 'awscmk'}, (err, results) => {
                 expect(results.length).to.equal(1);
                 expect(results[0].status).to.equal(2);
                 done();
 
@@ -17,7 +17,7 @@ module.exports = {
             name: 'Connect Chat Transcripts Target Encryption Level',
             description: 'In order (lowest to highest) awskms=AWS managed KMS; awscmk=Customer managed KMS; externalcmk=Customer managed externally sourced KMS; cloudhsm=Customer managed CloudHSM sourced KMS',
             regex: '^(awskms|awscmk|externalcmk|cloudhsm)$',
-            default: 'awscmk'
+            default: 'awskms'
         }
     },
     realtime_triggers: ['connect:CreateInstance', 'connect:AssociateInstanceStorageConfig', 'connect:UpdateInstanceStorageConfig','connect:DeleteInstance', 'connect:DisassociateInstanceStorageConfig'],
 
@@ -136,7 +136,7 @@ describe('instanceTranscriptsEncrypted', function () {
     describe('run', function () {
         it('should FAIL if Connect instance is not using desired encryption level', function (done) {
             const cache = createCache(listInstances, listInstanceChatTranscriptStorageConfigs[0], listKeys, describeKey[1]);
-            instanceTranscriptsEncrypted.run(cache, {}, (err, results) => {
+            instanceTranscriptsEncrypted.run(cache, {connect_chat_transcripts_encryption_level: 'awscmk'}, (err, results) => {
                 expect(results.length).to.equal(1);
                 expect(results[0].status).to.equal(2);
                 done();
 
@@ -17,7 +17,7 @@ module.exports = {
             name: 'DocumentDB Cluster Target Encryption Level',
             description: 'In order (lowest to highest) awskms=AWS-managed KMS; awscmk=Customer managed KMS; externalcmk=Customer managed externally sourced KMS; cloudhsm=Customer managed CloudHSM sourced KMS',
             regex: '^(awskms|awscmk|externalcmk|cloudhsm)$',
-            default: 'awscmk',
+            default: 'awskms',
         }
     },
     realtime_triggers: ['docdb:CreateDBCluster','docdb:CreateDBInstance','docdb:DeleteDBCluster'],
 
@@ -55,7 +55,7 @@ module.exports = {
             name: 'EBS Minimum Encryption Level at rest',
             description: 'In order (lowest to highest) awskms=AWS-managed KMS; awscmk=Customer managed KMS; externalcmk=Customer managed externally sourced KMS; cloudhsm=Customer managed CloudHSM sourced KMS',
             regex: '^(awskms|awscmk|externalcmk|cloudhsm)$',
-            default: 'awscmk',
+            default: 'awskms',
         },
 
     },
 
@@ -17,7 +17,7 @@ module.exports = {
             name: 'ECR Repository Encryption',
             description: 'In order (lowest to highest) sse=AES-256; awskms=AWS-managed KMS; awscmk=Customer managed KMS; externalcmk=Customer managed externally sourced KMS; cloudhsm=Customer managed CloudHSM sourced KMS',
             regex: '^(sse|awskms|awscmk|externalcmk|cloudhsm)$',
-            default: 'awscmk'
+            default: 'awskms'
         }
     },
     realtime_triggers: ['ecr:CreateRepository', 'ecr:DeleteRepository'],
 
@@ -17,7 +17,7 @@ module.exports = {
             name: 'ElastiCache Cluster Target Encryption Level',
             description: 'In order (lowest to highest) awskms=AWS-managed KMS; awscmk=Customer managed KMS; externalcmk=Customer managed externally sourced KMS; cloudhsm=Customer managed CloudHSM sourced KMS',
             regex: '^(awskms|awscmk|externalcmk|cloudhsm)$',
-            default: 'awscmk',
+            default: 'awskms',
         }
     },
     realtime_triggers: ['elasticache:CreateCacheCluster', 'elasticache:DeleteCacheCluster', 'elasticache:CreateReplicationGroup'],
 
@@ -219,7 +219,7 @@ describe('redisClusterEncryptionAtRest', function () {
     describe('run', function () {
         it('should PASS if Redis Cluster at-rest is encrypted with desired encryption level', function (done) {
             const cache = createCache(describeCacheClusters[0], listKeys, describeReplicationGroups[0], describeKey[0]);
-            redisClusterEncryptionAtRest.run(cache, { ec_atrest_desired_encryption_level: 'awscmk' }, (err, results) => {
+            redisClusterEncryptionAtRest.run(cache, { ec_cluster_target_encryption_level: 'awscmk' }, (err, results) => {
                 expect(results.length).to.equal(1);
                 expect(results[0].status).to.equal(0);
                 expect(results[0].region).to.equal('us-east-1');
@@ -229,7 +229,7 @@ describe('redisClusterEncryptionAtRest', function () {
 
         it('should FAIL if Redis Cluster at-rest is not encrypted with desired encryption level', function (done) {
             const cache = createCache([describeCacheClusters[1]],listKeys, describeReplicationGroups[1], describeKey[1]);
-            redisClusterEncryptionAtRest.run(cache, { ec_atrest_desired_encryption_level: 'awscmk' }, (err, results) => {
+            redisClusterEncryptionAtRest.run(cache, { ec_cluster_target_encryption_level: 'awscmk' }, (err, results) => {
                 expect(results.length).to.equal(1);
                 expect(results[0].status).to.equal(2);
                 expect(results[0].region).to.equal('us-east-1');
 
@@ -17,7 +17,7 @@ module.exports = {
             name: 'Firehose Delivery Stream Target Encryption Level',
             description: 'In order (lowest to highest) awskms=AWS managed KMS; awscmk=Customer managed KMS; externalcmk=Customer managed externally sourced KMS; cloudhsm=Customer managed CloudHSM sourced KMS',
             regex: '^(awskms|awscmk|externalcmk|cloudhsm)$',
-            default: 'awscmk'
+            default: 'awskms'
         }
     },
     realtime_triggers: ['firehose:CreateDeliveryStreams','firehose:UpdateDestination', 'firehose:DeleteliveryStreams'],
 
@@ -308,15 +308,15 @@ describe('deliveryStreamEncrypted', function () {
             deliveryStreamEncrypted.run(cache, {}, (err, results) => {
                 expect(results.length).to.equal(1);
                 expect(results[0].status).to.equal(0);
-                expect(results[0].message).to.include('Firehose delivery stream destination bucket is encrypted with awscmk');
+                expect(results[0].message).to.include('Firehose delivery stream is encrypted with awskms');
                 expect(results[0].region).to.equal('us-east-1');
                 done();
             });
         });
 
         it('should FAIL if Firehose Delivery Stream not encrypted with desired encryption level', function (done) {
             const cache = createCache([listDeliveryStreams[0]], listKeys, describeDeliveryStream[1], describeKey[1]);
-            deliveryStreamEncrypted.run(cache, {}, (err, results) => {
+            deliveryStreamEncrypted.run(cache, {delivery_stream_desired_encryption_level:  'awscmk'}, (err, results) => {
                 expect(results.length).to.equal(1);
                 expect(results[0].status).to.equal(2);
                 expect(results[0].message).to.include('Firehose delivery stream destination bucket is encrypted with awskms');
Original file line number	Diff line number	Diff line change
`@@ -17,7 +17,7 @@ module.exports = {`
`17`	`17`	`name: ' App Runner service desired Encryption level',`
`18`	`18`	`description: 'In order (lowest to highest) awskms=AWS-managed KMS; awscmk=Customer managed KMS; externalcmk=Customer managed externally sourced KMS; cloudhsm=Customer managed CloudHSM sourced KMS',`
`19`	`19`	`regex: '^(awskms\|awscmk\|externalcmk\|cloudhsm)$',`
`20`		`- default: 'awscmk'`
	`20`	`+ default: 'awskms'`
`21`	`21`	`}`
`22`	`22`	`},`
`23`	`23`	`realtime_triggers: ['apprunner:CreateService','apprunner:DeleteService'],`
Original file line number	Diff line number	Diff line change
`@@ -16,7 +16,7 @@ module.exports = {`
`16`	`16`	`name: 'CodeArtifact Domain Target Encryption Level',`
`17`	`17`	`description: 'In order (lowest to highest) awskms=AWS-managed KMS; awscmk=Customer managed KMS; externalcmk=Customer managed externally sourced KMS; cloudhsm=Customer managed CloudHSM sourced KMS',`
`18`	`18`	`regex: '^(awskms\|awscmk\|externalcmk\|cloudhsm)$',`
`19`		`- default: 'awscmk',`
	`19`	`+ default: 'awskms',`
`20`	`20`	`}`
`21`	`21`	`},`
`22`	`22`	`realtime_triggers: ['backup:CreateBackupVault','backup:DeleteBackupVault'],`
Original file line number	Diff line number	Diff line change
`@@ -18,7 +18,7 @@ module.exports = {`
`18`	`18`	`name: 'Pipeline Artifacts Desired Encrypted Level',`
`19`	`19`	`description: 'In order (lowest to highest) awskms=AWS-managed KMS; awscmk=Customer managed KMS; externalcmk=Customer managed externally sourced KMS; cloudhsm=Customer managed CloudHSM sourced KMS',`
`20`	`20`	`regex: '^(awskms\|awscmk\|externalcmk\|cloudhsm)$',`
`21`		`- default: 'awscmk'`
	`21`	`+ default: 'awskms'`
`22`	`22`	`}`
`23`	`23`	`},`
`24`	`24`	`realtime_triggers: ['codepipeline:CreatePipeline','codepipeline:DeletePipeline'],`