Benchmark: 2.1.1 Cloud Object Storage Encryption


Objects stored in IBM Cloud Object Storage need to be encrypted at all times for client data security. By default all objects stored in IBM Cloud Object Storage are encrypted at-rest using provider-managed keys and no user action is needed. Optionally, you can also leverage IBM Cloud Object Storage integration with IBM Cloud Key Management Services to further add another layer of encryption to the Data Encryption Keys (DEKs) associated with the data (objects) stored in Cloud Object Storage buckets.


Install the mod:

mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-ibm-compliance

Start the Powerpipe server:

steampipe service start
powerpipe server

Open http://localhost:9033 in your browser and select 2.1.1 Cloud Object Storage Encryption.

Run this benchmark in your terminal:

powerpipe benchmark run ibm_compliance.benchmark.cis_v100_2_1_1

Snapshot and share results via Turbot Pipes:

powerpipe benchmark run ibm_compliance.benchmark.cis_v100_2_1_1 --share