Plugin Title CSEK Encryption Enabled
Category Compute
Description Ensures Customer Supplied Encryption Key Encryption is enabled on disks
More Info Google encrypts all disks at rest by default. By using CSEK only the users with the key can access the disk. Anyone else, including Google, cannot access the disk data.
AWS Link
Recommended Action CSEK can only be configured when creating a disk. Delete the disk and redeploy with CSEK.

Detailed Remediation Steps

Want to scan for this risk automatically?

Get Started Now