Checks whether disk encryption is enabled for PostgreSQL instances. Instances with disk encryption enabled are considered compliant.
Risk level
Default risk level: Medium.
You can change the risk level based on your business requirements.
Detection logic
-
A PostgreSQL instance is considered compliant if disk encryption is enabled.
Rule details
|
Parameter |
Description |
|
Rule name |
Enable disk encryption for PostgreSQL instances |
|
Rule identifier |
|
|
Tag |
GPDB |
|
Automatic remediation |
Not supported |
|
Rule trigger |
Configuration change |
|
Supported resource types |
ACS::GPDB::DBInstance |
|
Input parameters |
None |
Remediation
To remediate a non-compliant resource, see Disk encryption.