More Info:

Ensure that the use of Google-managed encryption keys for Cloud SQL database instances is disabled at the GCP organization level in order to enforce the use of Customer-Managed Keys (CMKs) and have full control over SQL database encryption/decryption process.

Risk Level

Medium

Address

Security, Operational Maturity

Compliance Standards

ISO27001, HIPAA

Triage and Remediation

Remediation

Using Console