| Plugin Title | Bucket Encryption |
| Cloud | |
| Category | Storage |
| Description | Ensure that Cloud Storage buckets have encryption enabled using desired protection level. |
| More Info | By default, all storage buckets are encrypted using Google-managed keys. To have better control over how your storage bucktes are encrypted, you can use Customer-Managed Keys (CMKs). |
| GOOGLE Link | https://cloud.google.com/storage/docs/encryption/customer-managed-keys |
| Recommended Action | Ensure that all storage buckets have desired encryption level. |
- Log into the Google Cloud Platform Console.
- Scroll down the left navigation panel and choose "Cloud Storage" to select the "Buckets" option.
- On the "Buckets" page, select the bucket which needs to be configured with the desire encryption level .
- Select the "CONFIGURATION" tab to access the configuration defined for selected bucket.
- Select on Encryption type and click on edit option.
- A popup panel will appear on screen.
- Select the desire encryption level want to set on selected bucket and then click "Save"
- Repeat steps number 4-6 to configure encryption of desire level to all other buckets in the project.
