Alibaba Cloud disk encryption is disabled
Description
This policy identifies disks for which encryption is disabled. As a best practice enable disk encryption to improve data security without making changes to your business or applications. Snapshots created from encrypted disks and new disks created from these snapshots are automatically encrypted.
Code Example
go
resource "alicloud_disk" "example" {
...
+ encrypted = true
}Remediation
Terraform
To mitigate this issue, ensure the `encrypted` attribute of the `alicloud_disk` resource is set to `true`. This enables encryption for the disk.
Example:
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0007 |
| Severity | LOW |
| IaC Type | Terraform |
| Frameworks | Terraform |
| Checkov ID | CKV_ALI_7 |