Ensure Alibaba Cloud Disk is encrypted with Customer Master Key

Error: Alibaba Cloud Disk is not encrypted with Customer Master Key

Bridgecrew Policy ID: BC_ALI_GENERAL_4
Checkov Check ID: CKV_ALI_8
Severity: LOW

Alibaba Cloud Disk is not encrypted with Customer Master Key

Description

Encrypting your disk with a CMK helps protect your data from unauthorized access or tampering. By encrypting your bucket, you can ensure that only authorized users with the correct key can access and decrypt the data, and that the data is protected while in storage.

Fix - Buildtime

Terraform

resource "alicloud_disk" "pass" {
  # cn-beijing
  description = "Hello ecs disk."
  category    = "cloud_efficiency"
  size        = "30"
  encrypted   = true
  kms_key_id  = "2a6767f0-a16c-1234-5678-13bf*****"
  tags = {
    Name = "TerraformTest"
  }
}