Unencrypted Data Lake Store accounts
Description
‎Azure Data Lake Storage Gen2 is a set of capabilities dedicated to big data analytics, built on Azure Blob storage. Data Lake Storage Gen2 converges the capabilities of Azure Data Lake Storage Gen1 with Azure Blob storage. Data Lake Storage Gen1 supports encryption of data both at rest and in transit. For data at rest, Data Lake Storage Gen1 supports "on by default," transparent encryption.
Fix - Buildtime
Terraform
- Resource: xyz
- Argument: encryption_state - (Optional) Is Encryption enabled on this Data Lake Store Account? Possible values are Enabled or Disabled. Defaults to Enabled.
encryption_type - (Optional) The Encryption Type used for this Data Lake Store Account. Currently can be set to ServiceManaged when encryption_state is Enabled - and must be a blank string when it's Disabled.
resource "azurerm_data_lake_store" "example" {
...
encryption_state = "Enabled"
encryption_type = "ServiceManaged"
}