By default, Compute Engine encrypts all data at rest. Compute Engine handles and manages this encryption for you without any additional actions on your part.
disk_encryption_key block is included in the resource declaration then it must include a
To use the default offering of Google managed keys, do not include a
disk_encryption_key block at all.
The following example will fail the GCP001 check.
The following example will pass the GCP001 check.