All Products
Search
Document Center

Cloud Config:ecs-system-disk-encrypted

Last Updated:Jun 16, 2026

Evaluates as Compliant when encryption is enabled on Elastic Compute Service (ECS) system disks.

Scenarios

Enable encryption for ECS system disks to improve data security and meet regulatory requirements.

Risk level

Default risk level: medium.

You can change the risk level based on your business requirements when you apply this rule.

Compliance evaluation logic

  • If the encryption feature is enabled for each ECS system disk, the evaluation result is Compliant.
  • If the encryption feature is disabled for an ECS system disk, the evaluation result is Incompliant. To remediate this, see Incompliance remediation.
  • This rule does not apply to ECS data disks.

Rule details

Item Description
Rule name ecs-system-disk-encrypted
Rule identifier ecs-system-disk-encrypted
Tag ECS and Disk
Automatic remediation Not supported
Trigger type Configuration change
Supported resource type ECS disk
Input parameter None.

Incompliance remediation

Enable the encryption feature for an ECS system disk. For more information, see Encrypt a system disk.