AWS
Google Cloud
Microsoft AzureOverview
Training data, feature stores, and model artifacts often contain proprietary, regulated, or customer-derived data. They should be encrypted at rest with provider-managed or customer-managed keys according to the account security baseline.
Remediation guidance
Remediation
Enable encryption for AI datasets, feature stores, and model artifact stores. Prefer customer-managed keys where policy requires key ownership, rotation, or separation of duties.
Rollout guidance
- Locate affected datasets, feature stores, and model artifact locations.
- Enable encryption or migrate data into encrypted stores.
- Restrict key usage to the AI workload identities that require it.
- Re-scan after the next connector sync.
Query logic
These are the stored checks tied to this control.
AI training data and feature stores should be encrypted
Connectors
AWSGoogle CloudMicrosoft Azure
Covered asset types
AI ServicesDatasetFeature StoreModel
Expected check: eq []
{
sageMakerFeatureGroups(where: { encrypted: { eq: false } }) { ...AssetFragment }
vertexAIDatasets(where: { encrypted: { eq: false } }) { ...AssetFragment }
vertexAIFeaturestores(where: { encrypted: { eq: false } }) { ...AssetFragment }
azureMachineLearningModels(where: { encrypted: { eq: false } }) { ...AssetFragment }
azureAIFoundryProjects(where: { encrypted: { eq: false } }) { ...AssetFragment }
}
