Pub/Sub Topic without Customer-Managed Key Encryption

Data protection

Pub/Sub Topic without Customer-Managed Key Encryption

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
cis_8
ISO/IEC 27001
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
Orca Best Practices

Description

It was detected that the topic {GcpPubSubTopic} is not using CMK (Customer-Managed Key). Google Cloud Pub/Sub topics should be encrypted with Customer-Managed Keys (CMKs) in order to have full control over data encryption and decryption process. For further reading visit https://cloud.google.com/pubsub/docs/encryption#using-cmek.

Recommended Mitigation

It is recommended to configure Pub/Sub topics to be encrypted with Customer-Managed Keys (CMKs).

Pub/Sub Topic without Customer-Managed Key Encryption

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS