๐ผ 1.17 Ensure that Dataproc Cluster is encrypted using Customer-Managed Encryption Key - Level 2 (Automated)
- Contextual name: ๐ผ 1.17 Ensure that Dataproc Cluster is encrypted using Customer-Managed Encryption Key - Level 2 (Automated)
- ID:
/frameworks/cis-gcp-v2.0.0/01/17 - Located in: ๐ผ 1 Identity and Access Management
Descriptionโ
When you use Dataproc, cluster and job data is stored on Persistent Disks (PDs) associated with the Compute Engine VMs in your cluster and in a Cloud Storage staging bucket. This PD and bucket data is encrypted using a Google-generated data encryption key (DEK) and key encryption key (KEK). The CMEK feature allows you to create, use, and revoke the key encryption key (KEK). Google still controls the data encryption key (DEK).
Similarโ
- Internal
- ID:
dec-c-c18f7bbb
- ID:
Sub Sectionsโ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|