HIGH
Source: CloudSploit
ID: aks-encryption-at-rest-with-byok

AKS Encryption At Rest with BYOK

Ensure that Azure Kubernetes cluster data is encrypted with CMK.

An AKS cluster allows you to encrypt your data using customer-managed keys (CMK) instead of the platform-managed keys that are enabled by default. The keys that encrypt the backup data must be stored in Azure Key Vault. This provides you with full control over the data and the keys.

When creating a new Kubernetes Cluster, ensure that encryption at rest using CMK is enabled under the Node pool tab during creation.
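One way to audit existing clusters for this setting is shown below. It is an added example, not CloudSploit's own plugin code. It assumes the input is the cluster list from `az aks list -o json` or the equivalent ARM objects, where a CMK-encrypted cluster carries a `diskEncryptionSetID` value. The function names and the sample data are hypothetical.

```javascript
// Added example: flag AKS clusters that have no customer-managed
// disk encryption set attached. Not CloudSploit's own code.
// Assumption: clusters come from `az aks list -o json` (flat fields) or
// from ARM managedClusters objects (fields nested under `properties`).
const DES_ID = new RegExp(
  '^/subscriptions/[^/]+/resourceGroups/[^/]+' +
  '/providers/Microsoft\\.Compute/diskEncryptionSets/[^/]+$', 'i');

// Return the disk encryption set reference, tolerating both key casings.
function desIdOf(cluster) {
  const p = cluster.properties || cluster;
  return p.diskEncryptionSetID || p.diskEncryptionSetId || null;
}

// Evaluate every cluster and return one finding per cluster.
function checkByok(clusters) {
  return clusters.map((c) => {
    const id = desIdOf(c);
    if (!id) {
      return { name: c.name, status: 'FAIL',
               message: 'no disk encryption set; platform-managed keys in use' };
    }
    if (!DES_ID.test(id)) {
      // A value is present but is not a disk encryption set resource ID.
      return { name: c.name, status: 'UNKNOWN',
               message: 'unexpected diskEncryptionSetID format: ' + id };
    }
    return { name: c.name, status: 'PASS',
             message: 'encrypted with CMK via ' + id.split('/').pop() };
  });
}

// Constructed sample input (not real resources).
const sampleClusters = [
  { name: 'aks-prod', diskEncryptionSetId:
      '/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-sec' +
      '/providers/Microsoft.Compute/diskEncryptionSets/des-aks-prod' },
  { name: 'aks-dev', diskEncryptionSetId: null },
  { name: 'aks-arm', properties: { diskEncryptionSetID: 'des-short-name' } },
];

for (const f of checkByok(sampleClusters)) {
  console.log(`${f.status.padEnd(7)} ${f.name}: ${f.message}`);
}
```

Because the disk encryption set is chosen when the cluster is created, a `FAIL` here generally means building a replacement cluster with CMK enabled instead of changing the existing one.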