Skip to main content

Kafka Instance Disk Encryption Enabled

ID: rule:aliyun:kafka-instance-disk-encrypted
Severity: high
IaC Types: ROS, Terraform

Description

Kafka instances should have disk encryption enabled using KMS to protect data at rest.

Reason for Violation

The Kafka instance does not have disk encryption enabled via KMS.

Recommendation

Enable disk encryption by specifying a KMS key ID in the kms_key_id attribute.

Resource Types

  • ROS: ALIYUN::KAFKA::Instance
  • Terraform: alicloud_alikafka_instance