Disk Encryption Disabled

  • Query id: 1ee0f202-31da-49ba-bbce-04a989912e4b
  • Query name: Disk Encryption Disabled
  • Platform: Terraform
  • Severity: Medium
  • Category: Encryption
  • URL: Github

Description

Disks should have encryption enabled
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - tf file
resource "tencentcloud_cbs_storage" "encrytion_positive1" {
  storage_name      = "cbs-test"
  storage_type      = "CLOUD_SSD"
  storage_size      = 100
  availability_zone = "ap-guangzhou-3"

  tags = {
    test = "tf"
  }
}
Positive test num. 2 - tf file
resource "tencentcloud_cbs_storage" "encrytion_positive2" {
  storage_name      = "cbs-test"
  storage_type      = "CLOUD_SSD"
  storage_size      = 100
  availability_zone = "ap-guangzhou-3"
  encrypt           = false

  tags = {
    test = "tf"
  }
}

Code samples without security vulnerabilities

Negative test num. 1 - tf file
resource "tencentcloud_cbs_storage" "encrytion_negative1" {
  storage_name      = "cbs-test"
  storage_type      = "CLOUD_SSD"
  storage_size      = 100
  availability_zone = "ap-guangzhou-3"
  encrypt           = true

  tags = {
    test = "tf"
  }
}