Benchmark: 2.2.1 Cloud Block Storage Encryption
Description
Objects stored in IBM Cloud Block Storage need to be encrypted at all times for client data security. By default all objects stored in IBM Cloud Block Storage are encrypted at-rest by ensuring user selects an encryption key from various available options.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-ibm-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select 2.2.1 Cloud Block Storage Encryption.
Run this benchmark in your terminal:
powerpipe benchmark run ibm_compliance.benchmark.cis_v100_2_2_1Snapshot and share results via Turbot Pipes:
powerpipe benchmark run ibm_compliance.benchmark.cis_v100_2_2_1 --shareControls
- 2.2.1.1 Ensure Block Storage is encrypted with customer managed keys
- 2.2.1.2 Ensure Block Storage is encrypted with BYOK
- 2.2.1.3 Ensure Block Storage is encrypted with KYOK