Data protection

Snapshot is not using customer-managed KMS keys


GCP Snapshot is able to capture a disk state at a particular point in time, which can be later restored to a new disk. We identified a Snapshot '{GcpVmSnapshot}' that was encrypted using default encryption keys managed by Google and not using customer-managed encryption keys (CMEK) which enable more control over the encryption keys.