modules/Azure/Checks/Test-StorageEnsureEncryptionWithCustomerManagedKeys.ps1
|
function Test-StorageEnsureEncryptionWithCustomerManagedKeys { <# .SYNOPSIS Azure Storage account uses customer-managed keys (CMKs) for encryption .DESCRIPTION **Azure Storage accounts** use **customer-managed keys** (`CMK`) from **Key Vault/Managed HSM** for service-side encryption of data at rest, rather than platform-managed keys (`encryption_type`=`Microsoft.Keyvault`). .PARAMETER Check CIEMCheck object containing check metadata. #> [CmdletBinding()] [OutputType([PSCustomObject[]])] param( [Parameter(Mandatory)] $Check ) $ErrorActionPreference = 'Stop' # TODO: Implement check logic based on Prowler check: storage_ensure_encryption_with_customer_managed_keys [CIEMScanResult]::Create($Check, 'MANUAL', 'This check requires manual implementation. See Prowler check storage_ensure_encryption_with_customer_managed_keys for reference.', 'N/A', 'storage Resources') } |