Compute Instances should have in-transit encryption enabled for boot volumes

Description

The Block Volume service provides the option to enable in-transit encryption for paravirtualized volume attachments on virtual machine (VM) instances. All data moving between the instance and the block volume is transferred over an internal and highly secure network. If you have compliance requirements related to the encryption of the data while it is moving between the instance and the block volume, you should enable the in-transit encryption option.

This rule checks that in-transit encryption is enabled on OCI Compute instances for paravirtualized volume attachments. Enabling in-transit encryption provides additional security for data in motion between the instance and block volumes.
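
As an added illustration (not the rule's own implementation), the following Python sketch applies the same check to instance records shaped like `oci compute instance list` JSON output. It assumes the `launch-options` keys `boot-volume-type` and `is-pv-encryption-in-transit-enabled` as the OCI CLI emits them, treats a missing flag as not enabled, and uses constructed sample records.

```python
import json

# Constructed sample records, shaped like the "data" array returned by
# `oci compute instance list` (only the fields this check needs are shown).
SAMPLE = json.loads("""
[
  {"display-name": "web-1",
   "launch-options": {"boot-volume-type": "PARAVIRTUALIZED",
                      "is-pv-encryption-in-transit-enabled": true}},
  {"display-name": "db-1",
   "launch-options": {"boot-volume-type": "PARAVIRTUALIZED",
                      "is-pv-encryption-in-transit-enabled": false}},
  {"display-name": "batch-1",
   "launch-options": {"boot-volume-type": "ISCSI",
                      "is-pv-encryption-in-transit-enabled": false}},
  {"display-name": "legacy-1",
   "launch-options": {"boot-volume-type": "PARAVIRTUALIZED"}}
]
""")


def evaluate(instance):
    """Return (status, reason) for one instance record."""
    opts = instance.get("launch-options") or {}
    # The check only applies to paravirtualized boot volume attachments.
    if opts.get("boot-volume-type") != "PARAVIRTUALIZED":
        return "skip", "boot volume attachment is not paravirtualized"
    # Assumption: an absent or null flag is treated the same as false.
    if opts.get("is-pv-encryption-in-transit-enabled") is True:
        return "pass", "in-transit encryption is enabled"
    return "fail", "in-transit encryption is not enabled"


def failing(instances):
    """Names of instances that fail the check, in input order."""
    return [i.get("display-name", "<unnamed>")
            for i in instances if evaluate(i)[0] == "fail"]


if __name__ == "__main__":
    for inst in SAMPLE:
        status, reason = evaluate(inst)
        print(f"{inst['display-name']:10} {status:5} {reason}")
```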

Remediation

For guidance on configuring in-transit encryption for block volumes, refer to the Block Volume Encryption section of the Oracle Cloud Infrastructure Documentation.