Query: msk_cluster_encryption_in_transit_with_tls_enabled

select
  arn as resource,
  case
    when provisioned -> 'EncryptionInfo' -> 'EncryptionInTransit' ->> 'ClientBroker' = 'TLS' then 'ok'
    else 'alarm'
  end as status,
  case
    when provisioned -> 'EncryptionInfo' -> 'EncryptionInTransit' ->> 'ClientBroker' = 'TLS' then title || ' encryption in transit enabled with TLS.'
    else title || ' encryption in transit enabled with plaintext.'
  end as reason,
  region,
  account_id
from
  aws_msk_cluster;