
Vertex AI tensorboard does not use a Customer Managed Key (CMK)

Description

This policy checks that a Vertex AI tensorboard in the Google Cloud Platform (GCP) is encrypted with a Customer Managed Key (CMK). Not using a CMK exposes the system to potential data breaches because the default automated key management might not meet the specific security needs of the business. With a CMK, users have granular control over when and where the keys are used and who can access them.

Code Example

```hcl
resource "google_vertex_ai_tensorboard" "example" {
  # ... (other arguments elided)

  # Encrypt the tensorboard with a Customer Managed Key
  encryption_spec {
    kms_key_name = "some_name"
  }
}
```

Remediation

Terraform

  • Resource: google_vertex_ai_tensorboard
  • Arguments: encryption_spec

Ensure that the google_vertex_ai_tensorboard resource in your Terraform configuration uses a Customer Managed Key (CMK) by setting kms_key_name in its encryption_spec block.

Rule Details

| Field | Value |
|---|---|
| ID | IAC-1011 |
| Severity | MEDIUM |
| IaC Type | Terraform |
| Frameworks | Terraform, TerraformPlan |
| Checkov ID | CKV2_GCP_26 |
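
The rule lists TerraformPlan among its frameworks. As an added example (not Checkov's implementation and not code from this page), the Python script below applies the same condition to the `resource_changes` section of `terraform show -json` output. The sample plan, the helper names and the separate UNKNOWN verdict for a key name that is only known at apply time are assumptions of the example.

```python
RESOURCE_TYPE = "google_vertex_ai_tensorboard"


def _rc(address, after, after_unknown=None):
    """Build one constructed resource_changes entry (sample data only)."""
    return {"address": address, "type": RESOURCE_TYPE,
            "change": {"after": after, "after_unknown": after_unknown or {}}}


# Constructed sample shaped like `terraform show -json <planfile>` output.
SAMPLE_PLAN = {"resource_changes": [
    _rc("google_vertex_ai_tensorboard.with_cmk", {"encryption_spec": [
        {"kms_key_name": "projects/p/locations/us-central1/keyRings/r/cryptoKeys/k"}]}),
    _rc("google_vertex_ai_tensorboard.default_key", {"encryption_spec": []}),
    _rc("module.ml.google_vertex_ai_tensorboard.new_key", {"encryption_spec": [{}]},
        {"encryption_spec": [{"kms_key_name": True}]}),
    _rc("google_vertex_ai_tensorboard.retired", None),  # being destroyed
]}


def _spec_blocks(values):
    """Nested blocks such as encryption_spec are lists of objects in plan JSON."""
    blocks = (values or {}).get("encryption_spec") or []
    return [b for b in blocks if isinstance(b, dict)]


def classify(change):
    """Return PASS, FAIL or UNKNOWN for one tensorboard's planned change."""
    for block in _spec_blocks(change.get("after")):
        key = block.get("kms_key_name")
        if isinstance(key, str) and key.strip():
            return "PASS"
    # Key created in the same plan: absent from "after", true in "after_unknown".
    for block in _spec_blocks(change.get("after_unknown")):
        if block.get("kms_key_name") is True:
            return "UNKNOWN"
    return "FAIL"


def check_plan(plan):
    """Map each tensorboard that will exist after apply to a verdict."""
    return {rc["address"]: classify(rc["change"])
            for rc in plan.get("resource_changes", [])
            if rc.get("type") == RESOURCE_TYPE
            and rc["change"].get("after") is not None}  # skip destroys


if __name__ == "__main__":
    print("\n".join(f"{v:8}{a}" for a, v in check_plan(SAMPLE_PLAN).items()))
```

An UNKNOWN verdict means the key name is computed during apply, so the resource should be rechecked against the applied state or reviewed by hand.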
