Query: 4.2.2 Ensure boot volumes are encrypted with Customer Managed Key (CMK)

Description

When you launch a virtual machine (VM) or bare metal instance based on a platform image or custom image, a new boot volume for the instance is created in the same compartment. That boot volume is associated with that instance until you terminate the instance. By default, the Oracle service manages the keys that encrypt this boot volume. Boot Volumes can also be encrypted using a customer managed key.

Query

Tables used in this query:

• oci_core_boot_volume
• oci_identity_compartment

Controls using this query:

• 4.2.2 Ensure boot volumes are encrypted with Customer Managed Key (CMK)
• 5.2.2 Ensure boot volumes are encrypted with Customer Managed Key (CMK)

SQL