Unencrypted data lake storage.

Explanation

Datalake storage encryption defaults to Enabled, it shouldn’t be overridden to Disabled.

Possible Impact

Data could be read if compromised

Suggested Resolution

Enable encryption of data lake storage

Insecure Example

The following example will fail the azure-datalake-enable-at-rest-encryption check.

resource "azurerm_data_lake_store" "bad_example" {
	encryption_state = "Disabled"
}

Secure Example

The following example will pass the azure-datalake-enable-at-rest-encryption check.

resource "azurerm_data_lake_store" "good_example" {
	encryption_state = "Enabled"
}

Getting Started
Provider Checks
Config
GitHub Actions