Evaluates whether encryption is enabled for each unmounted ECS data disk. A disk with encryption enabled is considered compliant.
Scenarios
Enable disk encryption to improve data security and meet regulatory requirements.
Risk level
Default risk level: medium.
You can change the risk level based on your business requirements when you apply this rule.
Compliance evaluation logic
- If encryption is enabled for an unmounted ECS data disk, the configuration is compliant.
- If encryption is disabled for an unmounted ECS data disk, the configuration is non-compliant. For more information about how to remediate an incompliant configuration, see Incompliance remediation.
Rule details
| Item | Description |
| Rule name | ecs-available-disk-encrypted |
| Rule identifier | ecs-available-disk-encrypted |
| Tag | ECS and Disk |
| Automatic remediation | Not supported |
| Trigger type | Configuration change |
| Supported resource type | ECS disk |
| Input parameter | None. |
Incompliance remediation
ecs-disk-encrypted For more information, see Encrypt a data disk.
该文章对您有帮助吗?