GKE cluster is not using Cloud KMS Key for database encryption

Vendor services misconfigurations

GKE cluster is not using Cloud KMS Key for database encryption

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
cis_8
coppa
CPRA
Data Security Posture Management (DSPM) Best Practices
GKE CIS
iso_27001_2022
iso_27002_2022
K8s OWASP Top 10
Mitre ATT&CK
mpa
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
PDPA
pipeda
UK Cyber Essentials

Description

When Using Application-layer Secrets Encryption you can use a key that you manage in Cloud KMS, to encrypt data at the application layer. This protects against attackers in the event that they manage to gain access to the etcd database of {GcpGkeCluster}. It was detected that {GcpGkeCluster} is not using Application-layer Secrets Encryption in it's etcd database.

GKE cluster is not using Cloud KMS Key for database encryption

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS