Data protection

GCP Secret Manager secret encrypted without Customer-Managed Encryption Keys

Risk Level

Informational (4)

Platform(s)

Description

GCP Secret Manager can store, manage and access secrets, with the appropriate permissions you can view its content. We detected that the secret '{GcpSecretManagerSecret}' is not using CMEKs (Customer-Managed Encryption Keys). CMEKs allow you to have full control over the data encryption and decryption process.