Ensure Alibaba Cloud OSS bucket is encrypted with Customer Master Key

Error: Alibaba Cloud OSS bucket is not encrypted with Customer Master Key

Bridgecrew Policy ID: BC_ALI_GENERAL_2
Checkov Check ID: CKV_ALI_6
Severity: MEDIUM

Description

Encrypting your OSS bucket with a Customer Master Key (CMK) helps protect your data from unauthorized access or tampering. With the bucket encrypted, only authorized users with access to the correct key can decrypt the data, and the data is protected while in storage.

Fix - Buildtime

Terraform

resource "alicloud_oss_bucket" "pass" {
  bucket = "bucket-123"
  acl    = "private"

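  # Server-side encryption through KMS rather than the AES256 option
  server_side_encryption_rule {
    sse_algorithm     = "KMS"
    # ID of the Customer Master Key used to encrypt objects in this bucket
    kms_master_key_id = "your kms key id"
  }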
}
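
To apply the same condition to a rendered plan, the following added example (not Checkov's or Bridgecrew's own code) reads `terraform show -json` output and reports each `alicloud_oss_bucket` as pass, fail or unknown. It assumes a bucket is compliant only when it matches the passing configuration above (`sse_algorithm = "KMS"` with a non-empty `kms_master_key_id`); the sample plan, resource addresses and function names are constructed for illustration.

```python
import json

# Constructed sample in the shape of `terraform show -json <planfile>` output,
# reduced to the fields read below. Addresses and key IDs are made up.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
 {"address": "alicloud_oss_bucket.pass", "type": "alicloud_oss_bucket",
  "change": {"after": {"server_side_encryption_rule":
    [{"sse_algorithm": "KMS", "kms_master_key_id": "your kms key id"}]},
   "after_unknown": {}}},
 {"address": "alicloud_oss_bucket.no_rule", "type": "alicloud_oss_bucket",
  "change": {"after": {"server_side_encryption_rule": []}, "after_unknown": {}}},
 {"address": "alicloud_oss_bucket.aes_only", "type": "alicloud_oss_bucket",
  "change": {"after": {"server_side_encryption_rule":
    [{"sse_algorithm": "AES256"}]}, "after_unknown": {}}},
 {"address": "module.logs.alicloud_oss_bucket.new_key", "type": "alicloud_oss_bucket",
  "change": {"after": {"server_side_encryption_rule": [{"sse_algorithm": "KMS"}]},
   "after_unknown": {"server_side_encryption_rule": [{"kms_master_key_id": true}]}}},
 {"address": "alicloud_oss_bucket.destroyed", "type": "alicloud_oss_bucket",
  "change": {"after": null, "after_unknown": {}}}
]}
""")

def bucket_cmk_status(change):
    """Return 'pass', 'fail' or 'unknown' for one alicloud_oss_bucket change."""
    rules = (change.get("after") or {}).get("server_side_encryption_rule") or []
    rule = rules[0] if rules else {}
    if rule.get("sse_algorithm") != "KMS":
        return "fail"  # no encryption rule, or AES256 without a CMK
    if rule.get("kms_master_key_id"):
        return "pass"
    # A key ID taken from a KMS key created in the same plan is not known
    # until apply; Terraform marks it `true` under after_unknown.
    unk = (change.get("after_unknown") or {}).get("server_side_encryption_rule")
    if isinstance(unk, list) and unk and isinstance(unk[0], dict) \
            and unk[0].get("kms_master_key_id") is True:
        return "unknown"
    return "fail"

def scan_plan(plan):
    """Map each planned OSS bucket address to its CMK encryption status."""
    results = {}
    for rc in plan.get("resource_changes", []):
        change = rc.get("change") or {}
        if rc.get("type") != "alicloud_oss_bucket" or change.get("after") is None:
            continue  # other resource types, or a bucket being destroyed
        results[rc["address"]] = bucket_cmk_status(change)
    return results
```

An `unknown` result means the key ID is only resolved at apply time, so that bucket should be rechecked against the applied state.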