HIGH
Source: CloudSploit
ID: boot-volume-transit-encryption

Boot Volume Transit Encryption

Ensures in-transit data encryption is enabled on boot volumes.

Enabling boot volume in-transit data encryption ensures that boot volume data is secured and follows Oracle security best practices.

Follow the appropriate remediation steps below to resolve the issue.

  1. Log in to the Oracle Cloud Platform Console.

  2. Scroll down the left navigation panel and choose “Instances” under “Compute”.

  3. On the “Instances” page, scroll down and click the “Boot Volumes” option on the left.

  4. On the “Boot Volumes” page, click the boot volume's “Name” link to access its configuration options.

  5. On the “Boot Volume Details” page, scroll down and select “Attached Instances” under “Resources”.

  6. Under “Attached Instances”, check whether “In-Transit Encryption” is enabled.

  7. Repeat steps 2 - 6 to verify other volumes in the account.

  8. To enable boot volume transit encryption, navigate to “Instances” under “Compute” and select the “Boot Volumes” option.

  9. On the “Boot Volume” page, scroll down and choose “Boot Volume Clones” under “Resources”.

  10. On the “Boot Volume Clones” page, click the three dots at the far right and choose the “Create Instance” option.

  11. On the “Create Compute Instance” page, scroll down and click “Show Shape, Network and Storage Options” to expand the section.

  12. In the expanded “Shape, Network and Storage Options” section, scroll down, select the “USE IN-TRANSIT ENCRYPTION” checkbox under “Boot Volume”, and click the “Create” button to launch a new instance.

  13. Repeat steps 8 - 12 to enable in-transit data encryption.
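
The console check in steps 2 - 7 can also be run over every attachment at once. The following is an added example, not CloudSploit's or Oracle's own code: it assumes the JSON comes from `oci compute boot-volume-attachment list` and that the attachment field is named `is-pv-encryption-in-transit-enabled`; the sample data and OCIDs are constructed placeholders.

```python
import json

# Constructed sample shaped like the JSON printed by
# `oci compute boot-volume-attachment list`; all OCIDs are placeholders.
SAMPLE = """
{"data": [
  {"instance-id": "ocid1.instance.oc1..aaa", "boot-volume-id": "ocid1.bootvolume.oc1..aaa",
   "lifecycle-state": "ATTACHED", "is-pv-encryption-in-transit-enabled": true},
  {"instance-id": "ocid1.instance.oc1..bbb", "boot-volume-id": "ocid1.bootvolume.oc1..bbb",
   "lifecycle-state": "ATTACHED", "is-pv-encryption-in-transit-enabled": false},
  {"instance-id": "ocid1.instance.oc1..ccc", "boot-volume-id": "ocid1.bootvolume.oc1..ccc",
   "lifecycle-state": "ATTACHED"},
  {"instance-id": "ocid1.instance.oc1..ddd", "boot-volume-id": "ocid1.bootvolume.oc1..ddd",
   "lifecycle-state": "DETACHED", "is-pv-encryption-in-transit-enabled": false}
]}
"""

FLAG = "is-pv-encryption-in-transit-enabled"  # assumed CLI key name
LIVE_STATES = {"ATTACHING", "ATTACHED"}


def audit_boot_volume_attachments(cli_json: str) -> dict:
    """Sort boot volume attachments into pass / fail / skipped lists."""
    result = {"pass": [], "fail": [], "skipped": []}
    if not cli_json.strip():
        return result  # empty output: nothing to evaluate
    doc = json.loads(cli_json)
    items = doc.get("data", []) if isinstance(doc, dict) else doc
    for att in items:
        row = (att.get("instance-id"), att.get("boot-volume-id"))
        if att.get("lifecycle-state") not in LIVE_STATES:
            result["skipped"].append(row)   # detached: no data path to protect
        elif att.get(FLAG) is True:
            result["pass"].append(row)
        else:
            result["fail"].append(row)      # false, null or missing all fail
    return result


if __name__ == "__main__":
    report = audit_boot_volume_attachments(SAMPLE)
    for instance_id, volume_id in report["fail"]:
        print(f"FAIL in-transit encryption off: {volume_id} on {instance_id}")
    print({k: len(v) for k, v in report.items()})
```

An attachment whose flag is missing is reported as a failure rather than skipped, so an incomplete API response cannot hide an unencrypted boot volume.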