Compute Instances should have in-transit encryption enabled for boot volumes

oci-compute
이 페이지는 아직 한국어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Description

The Block Volume service provides the option to enable in-transit encryption for paravirtualized volume attachments on virtual machine (VM) instances. All data moving between the instance and the block volume is transferred over an internal and highly secure network. If you have compliance requirements related to the encryption of the data while it is moving between the instance and the block volume, you should enable the in-transit encryption option.

This rule checks that in-transit encryption is enabled on OCI Compute instances for paravirtualized volume attachments. Enabling in-transit encryption provides additional security for data in motion between the instance and block volumes.

Remediation

For guidance on configuring in-transit encryption for block volumes, refer to the Block Volume Encryption section of the Oracle Cloud Infrastructure Documentation.