Control: Managed disks should be double encrypted with both platform-managed and customer-managed keys

Description

High security sensitive customers who are concerned of the risk associated with any particular encryption algorithm, implementation, or key being compromised can opt for additional layer of encryption using a different encryption algorithm/mode at the infrastructure layer using platform managed encryption keys. The disk encryption sets are required to use double encryption.

Usage

Run the control in your terminal:

powerpipe control run azure_compliance.control.compute_os_and_data_disk_encrypted_with_cmk_and_platform_managed

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run azure_compliance.control.compute_os_and_data_disk_encrypted_with_cmk_and_platform_managed --share

SQL

This control uses a named query:

compute_os_and_data_disk_encrypted_with_cmk_and_platform_managed

Control: Managed disks should be double encrypted with both platform-managed and customer-managed keys

Description

Usage

SQL

Tags