Google > Compute >

Snapshot Encryption

HIGH

Source

CloudSploit

ID

snapshot-encryption

management console

Snapshot Encryption

Ensure Snapshots are encrypted using Customer Managed or Supplied Keys.

GCP compute disk snapshots are encrypted with the encryption type of source disk. By default, the compute disks are encrypted using the Google-managed encryption keys. However, to have better control on the encryption process and adhere to compliance requirements, use either customer-managed keys or customer-supplied keys for encryption.

Recommended Actions

Ensure that all disk snapshots are encrypted using desired protection level.

Links

https://cloud.google.com/compute/docs/disks/customer-managed-encryption

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.

Copyright © 2024 Aqua Security Software Ltd. Privacy Policy | Terms of Use