Encryption On Managed Disk Disabled
- Query id: a99130ab-4c0e-43aa-97f8-78d4fcb30024
- Query name: Encryption On Managed Disk Disabled
- Platform: Terraform
- Severity: Medium
- Category: Encryption
- CWE: 311
- URL: Github
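Description
Ensure that encryption is enabled on the managed disk. As the samples below show, an azurerm_managed_disk is flagged when its encryption_settings sets enabled = false or when encryption_settings is missing altogether.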
Documentation
Code samples
Code samples with security vulnerabilities
Positive test num. 1 - tf file
resource "azurerm_managed_disk" "positive1" {
  name                 = "acctestmd"
  location             = "West US 2"
  resource_group_name  = azurerm_resource_group.example.name
  storage_account_type = "Standard_LRS"
  create_option        = "Empty"
  disk_size_gb         = "1"

  encryption_settings = {
    enabled = false
  }

  tags = {
    environment = "staging"
  }
}

resource "azurerm_managed_disk" "positive2" {
  name                 = "acctestmd"
  location             = "West US 2"
  resource_group_name  = azurerm_resource_group.example.name
  storage_account_type = "Standard_LRS"
  create_option        = "Empty"
  disk_size_gb         = "1"

  tags = {
    environment = "staging"
  }
}
Code samples without security vulnerabilities
Negative test num. 1 - tf file
resource "azurerm_managed_disk" "negative1" {
  name                 = "acctestmd"
  location             = "West US 2"
  resource_group_name  = azurerm_resource_group.example.name
  storage_account_type = "Standard_LRS"
  create_option        = "Empty"
  disk_size_gb         = "1"

  encryption_settings = {
    enabled = true
  }

  tags = {
    environment = "staging"
  }
}
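The same pass/fail decision as the samples above, written as a small stand-alone check for a CI step. This is an added example, not the query's own implementation; the function names and the abbreviated `SAMPLE_TF` input are constructed here, and the brace matcher assumes no unbalanced braces inside strings or comments.

```python
import re

# Constructed input, abbreviated from the page's three test resources.
SAMPLE_TF = '''
resource "azurerm_managed_disk" "positive1" {
  name = "acctestmd"
  encryption_settings = {
    enabled = false
  }
}
resource "azurerm_managed_disk" "positive2" {
  name     = "acctestmd"
  location = "West US 2"
}
resource "azurerm_managed_disk" "negative1" {
  name = "acctestmd"
  encryption_settings = {
    enabled = true
  }
}
'''

DISK_RE = re.compile(r'resource\s+"azurerm_managed_disk"\s+"([^"]+)"\s*\{')
SETTINGS_RE = re.compile(r'\bencryption_settings\s*=?\s*\{')  # "= {" or block form
ENABLED_RE = re.compile(r'^\s*enabled\s*=\s*"?(\w+)"?\s*$', re.M)

def block_body(text, open_idx):
    # Text between the "{" at open_idx and its matching "}" (quote-unaware).
    depth = 0
    for i in range(open_idx, len(text)):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        if depth == 0:
            return text[open_idx + 1:i]
    raise ValueError("unbalanced braces")

def find_unencrypted_disks(tf_source):
    # Return (resource name, reason) for every managed disk that should be flagged.
    findings = []
    for m in DISK_RE.finditer(tf_source):
        body = block_body(tf_source, m.end() - 1)
        s = SETTINGS_RE.search(body)
        if s is None:
            findings.append((m.group(1), "encryption_settings is missing"))
            continue
        enabled = ENABLED_RE.search(block_body(body, s.end() - 1))
        if enabled is None or enabled.group(1).lower() != "true":
            findings.append((m.group(1), "encryption_settings.enabled is not true"))
    return findings
```

Calling `find_unencrypted_disks(SAMPLE_TF)` reports `positive1` and `positive2` and leaves `negative1` alone; a CI job can fail the build whenever the returned list is non-empty.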