Get Involved

Query: 2.1.1.2 Ensure Cloud Object Storage Encryption is set to On with BYOK

Description

You can use IBM Cloud encryption key management service, for example Key Protect, to bring your own root key (BYOK) to IBM Cloud and use it to add envelope encryption for data that is stored in IBM Cloud Object Storage buckets.

Query

Tables used in this query:

ibm_account
ibm_cos_bucket

Controls using this query:

2.1.1.2 Ensure Cloud Object Storage Encryption is set to On with BYOK
2.1.1.3 Ensure Cloud Object Storage Encryption is set to On with KYOK

Query: 2.1.1.2 Ensure Cloud Object Storage Encryption is set to On with BYOK

Description

Query

SQL