| Property | Value |
| --- | --- |
| Language | hcl |
| Severity | low |
| CWE | CWE-320: CWE CATEGORY: Key Management Errors |
| OWASP | A03:2017 - Sensitive Data Exposure |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |

Description

The managed disk resource in your Terraform configuration does not specify a disk encryption set, meaning it may not use customer-managed keys for encryption. This can result in disks being protected only by platform-managed keys, reducing control over encryption and key management.
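The flagged pattern next to a corrected one, as an added example that is not taken from the rule's own documentation. It assumes the azurerm provider and an existing Key Vault that uses access policies; every resource name and variable is hypothetical.

```hcl
# Added example; all names and variables are hypothetical.
variable "resource_group_name" { type = string }
variable "location" { type = string }
variable "key_vault_id" { type = string } # assumed: existing vault, purge protection on

# Flagged: no disk_encryption_set_id, so only platform-managed keys apply.
resource "azurerm_managed_disk" "flagged" {
  name                 = "data-disk-pmk"
  location             = var.location
  resource_group_name  = var.resource_group_name
  storage_account_type = "Premium_LRS"
  create_option        = "Empty"
  disk_size_gb         = 128
}

# Customer-managed key that will wrap the disk's data encryption key.
resource "azurerm_key_vault_key" "disk" {
  name         = "disk-cmk"
  key_vault_id = var.key_vault_id
  key_type     = "RSA"
  key_size     = 2048
  key_opts     = ["wrapKey", "unwrapKey"]
}

resource "azurerm_disk_encryption_set" "disk" {
  name                = "disk-des"
  location            = var.location
  resource_group_name = var.resource_group_name
  key_vault_key_id    = azurerm_key_vault_key.disk.id
  identity { type = "SystemAssigned" }
}

# The encryption set's identity needs key access before any disk can use it.
resource "azurerm_key_vault_access_policy" "des" {
  key_vault_id    = var.key_vault_id
  tenant_id       = azurerm_disk_encryption_set.disk.identity[0].tenant_id
  object_id       = azurerm_disk_encryption_set.disk.identity[0].principal_id
  key_permissions = ["Get", "WrapKey", "UnwrapKey"]
}

# Corrected: the disk references the encryption set.
resource "azurerm_managed_disk" "fixed" {
  name                   = "data-disk-cmk"
  location               = var.location
  resource_group_name    = var.resource_group_name
  storage_account_type   = "Premium_LRS"
  create_option          = "Empty"
  disk_size_gb           = 128
  disk_encryption_set_id = azurerm_disk_encryption_set.disk.id
  depends_on             = [azurerm_key_vault_access_policy.des]
}
```

If the vault uses Azure RBAC instead of access policies, the access policy resource would be replaced by a role assignment for the same principal.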

Impact

Without customer-managed keys, sensitive data on the disk could be at greater risk if platform keys are compromised or rotated without your knowledge. This limits your ability to enforce strict security policies, increasing the risk of unauthorized data access or regulatory non-compliance.