Beta - disk encryption disabled

문서 > Datadog 보안 > Code Security > Infrastructure as Code (IaC) Security > IaC Security Rules > Beta - disk encryption disabled

이 페이지는 아직 한국어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Metadata

Id: 1ee0f202-31da-49ba-bbce-04a989912e4b

Cloud Provider: TencentCloud

Platform: Terraform

Severity: Medium

Category: Encryption

Learn More

Provider Reference

Description

Disks should have encryption enabled. This rule checks tencentcloud_cbs_storage resources and flags when the encrypt attribute is missing or set to false. The encrypt attribute must be set to true to ensure block storage volumes are encrypted.

Compliant Code Examples

resource "tencentcloud_cbs_storage" "encrytion_negative1" {
  storage_name      = "cbs-test"
  storage_type      = "CLOUD_SSD"
  storage_size      = 100
  availability_zone = "ap-guangzhou-3"
  encrypt           = true

  tags = {
    test = "tf"
  }
}

Non-Compliant Code Examples

resource "tencentcloud_cbs_storage" "encrytion_positive2" {
  storage_name      = "cbs-test"
  storage_type      = "CLOUD_SSD"
  storage_size      = 100
  availability_zone = "ap-guangzhou-3"
  encrypt           = false

  tags = {
    test = "tf"
  }
}

resource "tencentcloud_cbs_storage" "encrytion_positive1" {
  storage_name      = "cbs-test"
  storage_type      = "CLOUD_SSD"
  storage_size      = 100
  availability_zone = "ap-guangzhou-3"

  tags = {
    test = "tf"
  }
}