Ensure that 'Unattached disks' are encrypted in Azure Managed Disk

MEDIUM

Description

Azure Managed Disk storage should be encrypted to protect sensitive information. It is considered best practice to encrypt data at-rest in any environment that supports it, especially as it is often required for certain compliance frameworks or industry regulations.

Remediation

Set 'enabled' in 'encryption_settings' to 'true' to ensure data at rest in Azure Managed Disk remains encrypted, thus reducing risk of data leak.

Policy Details

Rule Reference ID: AC_AZURE_0143

CSP: Azure

Remediation Available: Yes

Domain: Data Protection

Resource: azurerm_managed_disk

Resource Category: Storage

Resource Type: Disk

Frameworks

HIPAA
PCI-DSS
SOC2
NY-DFS
GDPR

Detections

Analytics