If encryption is enabled for each in-use Elastic Compute Service (ECS) data disk, the configuration is considered compliant.
Scenarios
Enable encryption for ECS data disks to improve data security and meet regulatory and compliance requirements.
Risk level
Default risk level: medium.
When you apply this rule, you can change the risk level based on your requirements.
Compliance evaluation logic
- If the encryption feature is enabled for each in-use ECS data disk, the configuration is considered compliant.
- If the encryption feature is disabled for an in-use ECS data disk, the configuration is considered incompliant. For more information about how to remediate an incompliant configuration, see Incompliance remediation.
Rule details
| Item | Description |
| Rule name | ecs-in-use-disk-encrypted |
| Rule identifier | ecs-in-use-disk-encrypted |
| Tag | ECS and Disk |
| Automatic remediation | Not supported |
| Trigger type | Configuration change |
| Supported resource type | ECS disk |
| Input parameter | None. |
Incompliance remediation
To remediate an incompliant configuration, enable disk encryption. For more information, see Encrypt a data disk.
该文章对您有帮助吗?