AC_GCP_0368 | Ensure Logging is enabled for HTTP(S) Load Balancer | GCP | Security Best Practices | MEDIUM |
AC_GCP_0367 | Ensure API Keys Are Rotated Every 90 Days | GCP | Security Best Practices | MEDIUM |
AC_GCP_0366 | Ensure API Keys Are Restricted to Only APIs That Application Needs Access | GCP | Security Best Practices | MEDIUM |
AC_GCP_0358 | Ensure That Retention Policies on Cloud Storage Buckets Used for Exporting Logs Are Configured Using Bucket Lock | GCP | Logging and Monitoring | LOW |
AC_GCP_0365 | Ensure API Keys Only Exist for Active Services | GCP | Security Best Practices | MEDIUM |
AC_GCP_0336 | Ensure That Separation of Duties Is Enforced While Assigning Service Account Related Roles to Users | GCP | Identity and Access Management | LOW |
AC_GCP_0327 | Ensure that Dataproc Cluster is encrypted using Customer-Managed Encryption Key | GCP | Infrastructure Security | LOW |
AC_GCP_0281 | Ensure That Compute Instances Have Confidential Computing Enabled | GCP | Security Best Practices | MEDIUM |
AC_GCP_0249 | Ensure That Cloud SQL Database Instances Do Not Have Public IPs | GCP | Compliance Validation | MEDIUM |
AC_GCP_0307 | Ensure That the Log Metric Filter and Alerts Exist for Cloud Storage IAM Permission Changes | GCP | Logging and Monitoring | MEDIUM |
AC_GCP_0311 | Ensure That the Log Metric Filter and Alerts Exist for SQL Instance Configuration Changes | GCP | Logging and Monitoring | MEDIUM |
AC_GCP_0279 | Ensure That the Log Metric Filter and Alerts Exist for VPC Network Changes | GCP | Logging and Monitoring | MEDIUM |
AC_GCP_0309 | Ensure That the Log Metric Filter and Alerts Exist for VPC Network Firewall Rule Changes | GCP | Logging and Monitoring | MEDIUM |
AC_GCP_0310 | Ensure That the Log Metric Filter and Alerts Exist for VPC Network Route Changes | GCP | Logging and Monitoring | MEDIUM |
AC_GCP_0314 | Ensure That Separation of Duties Is Enforced While Assigning KMS Related Roles to Users | GCP | Identity and Access Management | HIGH |
AC_GCP_0280 | Ensure That a Default Customer-Managed Encryption Key (CMEK) Is Specified for All BigQuery Data Sets | GCP | Data Protection | MEDIUM |
AC_GCP_0304 | Ensure That All BigQuery Tables Are Encrypted With Customer-Managed Encryption Key (CMEK) | GCP | Data Protection | MEDIUM |
AC_GCP_0133 | Ensure 'Log_error_verbosity' Database Flag for Cloud SQL PostgreSQL Instance Is Set to 'DEFAULT' or Stricter | GCP | Compliance Validation | LOW |
AC_GCP_0371 | Ensure That the Default Network Does Not Exist in a Project - google_compute_network | GCP | Infrastructure Security | LOW |
AC_GCP_0033 | Ensure that VPC Flow Logs is Enabled for Every Subnet in a VPC Network | GCP | Logging and Monitoring | MEDIUM |
AC_GCP_0099 | Ensure 'Log_statement' Database Flag for Cloud SQL PostgreSQL Instance Is Set Appropriately | GCP | Compliance Validation | LOW |
AC_GCP_0134 | Ensure That RDP Access Is Restricted From the Internet | GCP | Infrastructure Security | HIGH |
AC_GCP_0260 | Ensure That SSH Access Is Restricted From the Internet | GCP | Infrastructure Security | HIGH |
AC_GCP_0010 | Ensure That the Default Network Does Not Exist in a Project - google_project | GCP | Infrastructure Security | LOW |
AC_GCP_0234 | Ensure That Cloud Storage Buckets Have Uniform Bucket-Level Access Enabled | GCP | Identity and Access Management | LOW |
AC_GCP_0323 | Ensure Compute Instances Are Launched With Shielded VM Enabled | GCP | Infrastructure Security | LOW |
AC_GCP_0282 | Ensure That Compute Instances Do Not Have Public IP Addresses | GCP | Infrastructure Security | MEDIUM |
AC_GCP_0229 | Ensure VM Disks for Critical VMs Are Encrypted With Customer-Supplied Encryption Keys (CSEK) | GCP | Data Protection | MEDIUM |