💼 1.17 Ensure that Dataproc Cluster is encrypted using Customer-Managed Encryption Key - Level 2 (Automated)

Contextual name: 💼 1.17 Ensure that Dataproc Cluster is encrypted using Customer-Managed Encryption Key - Level 2 (Automated)
ID: /frameworks/cis-gcp-v2.0.0/01/17
Located in: 💼 1 Identity and Access Management

Description

When you use Dataproc, cluster and job data is stored on Persistent Disks (PDs) associated with the Compute Engine VMs in your cluster and in a Cloud Storage staging bucket. This PD and bucket data is encrypted using a Google-generated data encryption key (DEK) and key encryption key (KEK). The CMEK feature allows you to create, use, and revoke the key encryption key (KEK). Google still controls the data encryption key (DEK).

Similar

Sections
- /frameworks/cis-gcp-v3.0.0/08/01
- /frameworks/cis-gcp-v1.3.0/01/17
Internal
- ID: dec-c-c18f7bbb

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CIS GCP v1.3.0 → 💼 1.17 Ensure that Dataproc Cluster is encrypted using Customer-Managed Encryption Key - Level 2 (Automated)			1
💼 CIS GCP v3.0.0 → 💼 8.1 Ensure that Dataproc Cluster is encrypted using Customer-Managed Encryption Key - Level 2 (Automated)			1

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CIS GCP v1.3.0 → 💼 1.17 Ensure that Dataproc Cluster is encrypted using Customer-Managed Encryption Key - Level 2 (Automated)			1
💼 CIS GCP v3.0.0 → 💼 8.1 Ensure that Dataproc Cluster is encrypted using Customer-Managed Encryption Key - Level 2 (Automated)			1

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (1)

Policy	Logic Count	Flags
📝 Google Dataproc Cluster is not encrypted using Customer-Managed Encryption Key 🟢	1	🟢 x6

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​