Control: Double encryption should be enabled on Azure Data Explorer
Description
Enabling double encryption helps protect and safeguard your data to meet your organizational security and compliance commitments. When double encryption has been enabled, data in the storage account is encrypted twice, once at the service level and once at the infrastructure level, using two different encryption algorithms and two different keys.
Usage
Run the control in your terminal:
powerpipe control run azure_compliance.control.kusto_cluster_double_encryption_enabledSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run azure_compliance.control.kusto_cluster_double_encryption_enabled --shareSQL
This control uses a named query:
select kv.id as resource, case when enable_double_encryption then 'ok' else 'alarm' end as status, case when enable_double_encryption then name || ' double encryption enabled.' else name || ' double encryption disabled.' end as reason , kv.resource_group as resource_group , sub.display_name as subscriptionfrom azure_kusto_cluster as kv, azure_subscription as subwhere sub.subscription_id = kv.subscription_id;