Ensure that the Auto-Delete behavior rule is disabled for the persistent disks attached to your Google Cloud virtual machine (VM) instances in order to protect the VM data from being deleted and meet security and compliance requirements.
By default, the Auto-Delete rule is enabled for zonal persistent disks during virtual machine creation. When Auto-Delete is on, the persistent disks are deleted when the associated VM instance is deleted. However, for mission-critical Google Cloud VM instances and cloud environments where compliance and security requirements are more rigorous, you may need to retain the persistent disks after the instance is deleted. When the Auto-Delete behavior rule is disabled, the zonal persistent disks attached to your VM instance are no longer removed when the instance is deleted.
To determine if the Auto-Delete behavior feature is disabled for the disks attached to your Compute Engine instances, perform the following operations:
Remediation / Resolution
To disable the Auto-Delete behavior rule for the zonal persistent disks attached to your mission-critical Google Cloud VM instances, perform the following operations:
Note: You can only configure the auto-delete state of an instance persistent disk if it is attached in read/write mode.
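One way to script the audit and generate the matching fix commands, as an added example that is not part of the original page: it reads instance records in the shape returned by `gcloud compute instances list --format=json`, flags persistent disks that still have `autoDelete` set, and builds a `gcloud compute instances set-disk-auto-delete ... --no-auto-delete` command only for disks attached in read/write mode. The project, instance and disk names in the sample are constructed.

```python
import json
import shlex

# Constructed sample shaped like `gcloud compute instances list --format=json`.
# The read-only disk with autoDelete on exists only to exercise that branch.
SAMPLE = json.loads("""
[
  {"name": "db-prod-1",
   "zone": "https://www.googleapis.com/compute/v1/projects/example-project/zones/us-central1-a",
   "disks": [
     {"deviceName": "boot", "type": "PERSISTENT", "mode": "READ_WRITE", "autoDelete": true},
     {"deviceName": "data", "type": "PERSISTENT", "mode": "READ_WRITE", "autoDelete": false},
     {"deviceName": "shared-ro", "type": "PERSISTENT", "mode": "READ_ONLY", "autoDelete": true},
     {"deviceName": "local-ssd-0", "type": "SCRATCH", "mode": "READ_WRITE", "autoDelete": true}
   ]}
]
""")


def audit(instances):
    """Return one finding per persistent disk that still has Auto-Delete enabled."""
    findings = []
    for inst in instances:
        zone = inst["zone"].rsplit("/", 1)[-1]  # the zone field is a full resource URL
        for disk in inst.get("disks", []):
            # Local SSDs (SCRATCH) are outside this rule; only persistent disks count.
            if disk.get("type") != "PERSISTENT" or not disk.get("autoDelete"):
                continue
            fix = None
            # Auto-delete can only be changed on disks attached in read/write mode.
            if disk.get("mode") == "READ_WRITE":
                fix = " ".join([
                    "gcloud compute instances set-disk-auto-delete",
                    shlex.quote(inst["name"]),
                    "--zone", shlex.quote(zone),
                    "--device-name", shlex.quote(disk["deviceName"]),
                    "--no-auto-delete",
                ])
            findings.append({"instance": inst["name"], "zone": zone,
                             "device": disk["deviceName"], "fix": fix})
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE):
        status = f["fix"] or "not configurable: disk is not attached read/write"
        print(f'{f["instance"]}/{f["device"]} ({f["zone"]}): {status}')
```

To run it against a real project, replace `SAMPLE` with the parsed output of the `gcloud` list command and review each generated command before executing it.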
Disable Auto-Delete for VM Instance Persistent Disks
Risk level: Medium