πΌ 8.1 Ensure that Dataproc Cluster is encrypted using Customer-Managed Encryption Key - Level 2 (Automated)
- Contextual name: πΌ 8.1 Ensure that Dataproc Cluster is encrypted using Customer-Managed Encryption Key - Level 2 (Automated)
- ID:
/frameworks/cis-gcp-v3.0.0/08/01
- Located in: πΌ 8 Dataproc
Descriptionβ
When you use Dataproc, cluster and job data is stored on Persistent Disks (PDs) associated with the Compute Engine VMs in your cluster and in a Cloud Storage staging bucket. This PD and bucket data is encrypted using a Google-generated data encryption key (DEK) and key encryption key (KEK). The CMEK feature allows you to create, use, and revoke the key encryption key (KEK). Google still controls the data encryption key (DEK).
Similarβ
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (1)β