GeminiDB Instances Have Disk Encryption Enabled
Rule Details
|
Parameter |
Description |
|---|---|
|
Name |
gaussdb-nosql-enable-disk-encryption |
|
Identifier |
gaussdb-nosql-enable-disk-encryption |
|
Description |
If a GeminiDB instance does not have disk encryption enabled, this instance is non-compliant. |
|
Tag |
gemini db |
|
Trigger Type |
Configuration change |
|
Filter Type |
nosql.instances |
|
Rule Parameters |
None |
Application Scenarios
You are advised to enable disk encryption to prevent data leakage and reduce security risks.
After you enable disk encryption, your data will be encrypted on disks and stored in ciphertext. When you download encrypted objects, the ciphertext will be decrypted into plain text and then sent to you. Disk encryption can improve data security and may have slight impacts on database writes and reads. For details, see Buying a GeminiDB Cassandra Instance. Disk encryption is only supported for some GeminiDB instances.
Solution
Disk encryption cannot be enabled after an instance is created. You must enable this function when purchasing a GeminiDB instance. If an instance has been created, you can migrate data to an instance with disk encryption enabled.
Rule Logic
- If a GeminiDB instance does not have disk encryption enabled, this instance is non-compliant.
- If a GeminiDB instance has disk encryption enabled, this instance is compliant.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
