Plugin Title CSEK Encryption Enabled
Category Compute
Description Ensure Customer Supplied Encryption Key Encryption is enabled on Disks
More Info Google encrypts all disks at rest by default. By using CSEK only the users with the key can access the disk. Anyone else, including Google, cannot access the disk ensuring maximum security on the disk.
AWS Link
Recommended Action CSEK can only be configured when creating a disk, Delete the disk in question and redeploy with CSEK.

Detailed Remediation Steps

Want to scan for this risk automatically?

Get Started Now