OSS Bucket KMS Encryption Enabled
ID: rule:aliyun:oss-default-encryption-kms
Severity: medium
IaC Types: ROS, Terraform
Description
Ensures OSS bucket uses KMS for server-side encryption.
Reason for Violation
The OSS bucket does not use KMS for server-side encryption.
Recommendation
Set sse_algorithm to 'KMS' in server_side_encryption_rule.
Resource Types
- ROS:
ALIYUN::OSS::Bucket - Terraform:
alicloud_oss_bucket