This document (https://docs.databricks.com/security/keys/customer-managed-keys-managed-services-aws.html) describes how to use a customer managed key to encrypt notebooks in the control plane.

We would please like to verify: if no CMK is provided, are notebooks still encrypted using a key provided by Databricks or the cloud provider?