security-mcp 1.3.1 → 1.3.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (131) hide show
  1. package/README.md +356 -885
  2. package/defaults/cloud-controls/aws.json +10712 -0
  3. package/defaults/cloud-controls/azure.json +7201 -0
  4. package/defaults/cloud-controls/gcp.json +4061 -0
  5. package/defaults/control-catalog.json +24 -0
  6. package/dist/ci/pr-gate.js +22 -5
  7. package/dist/cli/index.js +73 -2
  8. package/dist/cli/install.js +4 -55
  9. package/dist/cli/onboarding.js +18 -10
  10. package/dist/gate/checks/agentic-instructions.js +515 -0
  11. package/dist/gate/checks/ai-governance.js +132 -0
  12. package/dist/gate/checks/ai.js +1 -1
  13. package/dist/gate/checks/cloud-controls.js +69 -0
  14. package/dist/gate/checks/crypto.js +1 -1
  15. package/dist/gate/checks/data-platform.js +954 -0
  16. package/dist/gate/checks/dependencies.js +14 -3
  17. package/dist/gate/checks/docker-deep.js +1236 -0
  18. package/dist/gate/checks/gitops.js +724 -0
  19. package/dist/gate/checks/iac.js +1230 -0
  20. package/dist/gate/checks/k8s.js +841 -1
  21. package/dist/gate/checks/secrets.js +49 -37
  22. package/dist/gate/cloud-controls/apply.js +115 -0
  23. package/dist/gate/cloud-controls/bicep.js +36 -0
  24. package/dist/gate/cloud-controls/cfn.js +125 -0
  25. package/dist/gate/cloud-controls/detect.js +104 -0
  26. package/dist/gate/cloud-controls/hcl.js +140 -0
  27. package/dist/gate/cloud-controls/types.js +87 -0
  28. package/dist/gate/exceptions.js +78 -7
  29. package/dist/gate/findings.js +15 -2
  30. package/dist/gate/policy.js +40 -3
  31. package/dist/gate/threat-intel.js +6 -0
  32. package/dist/mcp/audit-chain.js +9 -0
  33. package/dist/mcp/model-router.js +3 -3
  34. package/dist/mcp/orchestration.js +194 -41
  35. package/dist/mcp/server.js +124 -17
  36. package/dist/mcp/tool-audit.js +193 -0
  37. package/dist/repo/fs.js +14 -1
  38. package/dist/review/store.js +4 -2
  39. package/dist/tests/run.js +124 -1
  40. package/package.json +3 -3
  41. package/skills/advanced-dos-tester/SKILL.md +9 -0
  42. package/skills/agentic-instruction-auditor/SKILL.md +111 -0
  43. package/skills/agentic-loop-exploiter/SKILL.md +9 -0
  44. package/skills/ai-llm-redteam/SKILL.md +9 -0
  45. package/skills/ai-model-supply-chain-agent/SKILL.md +9 -0
  46. package/skills/algorithm-implementation-reviewer/SKILL.md +9 -0
  47. package/skills/android-penetration-tester/SKILL.md +9 -0
  48. package/skills/anti-replay-tester/SKILL.md +9 -0
  49. package/skills/appsec-code-auditor/SKILL.md +9 -0
  50. package/skills/artifact-integrity-analyst/SKILL.md +9 -0
  51. package/skills/attack-navigator/SKILL.md +9 -0
  52. package/skills/auth-session-hacker/SKILL.md +9 -0
  53. package/skills/aws-penetration-tester/SKILL.md +54 -0
  54. package/skills/azure-penetration-tester/SKILL.md +52 -0
  55. package/skills/binary-auth-validator/SKILL.md +9 -0
  56. package/skills/bot-detection-specialist/SKILL.md +9 -0
  57. package/skills/business-logic-attacker/SKILL.md +9 -0
  58. package/skills/capec-code-mapper/SKILL.md +9 -0
  59. package/skills/cert-pin-rotation-specialist/SKILL.md +9 -0
  60. package/skills/cicd-pipeline-hijacker/SKILL.md +9 -0
  61. package/skills/ciso-orchestrator/SKILL.md +11 -0
  62. package/skills/cloud-infra-specialist/SKILL.md +9 -0
  63. package/skills/compliance-gap-analyst/SKILL.md +9 -0
  64. package/skills/compliance-grc/SKILL.md +9 -0
  65. package/skills/compliance-lifecycle-tracker/SKILL.md +9 -0
  66. package/skills/container-hardening-auditor/SKILL.md +125 -0
  67. package/skills/credential-stuffing-specialist/SKILL.md +9 -0
  68. package/skills/crypto-pki-specialist/SKILL.md +9 -0
  69. package/skills/csa-ccm-mapper/SKILL.md +9 -0
  70. package/skills/csf2-governance-mapper/SKILL.md +9 -0
  71. package/skills/data-platform-auditor/SKILL.md +125 -0
  72. package/skills/deep-link-fuzzer/SKILL.md +9 -0
  73. package/skills/dependency-confusion-attacker/SKILL.md +9 -0
  74. package/skills/device-integrity-aggregator/SKILL.md +9 -0
  75. package/skills/dos-resilience-tester/SKILL.md +9 -0
  76. package/skills/dread-scorer/SKILL.md +9 -0
  77. package/skills/egress-policy-enforcer/SKILL.md +9 -0
  78. package/skills/evidence-collector/SKILL.md +9 -0
  79. package/skills/file-upload-attacker/SKILL.md +9 -0
  80. package/skills/gcp-penetration-tester/SKILL.md +51 -0
  81. package/skills/git-history-secret-scanner/SKILL.md +9 -0
  82. package/skills/gitops-delivery-auditor/SKILL.md +120 -0
  83. package/skills/iac-security-auditor/SKILL.md +125 -0
  84. package/skills/iam-privesc-graph-builder/SKILL.md +9 -0
  85. package/skills/incident-responder/SKILL.md +9 -0
  86. package/skills/injection-specialist/SKILL.md +9 -0
  87. package/skills/ios-security-auditor/SKILL.md +9 -0
  88. package/skills/json-ambiguity-tester/SKILL.md +0 -0
  89. package/skills/k8s-container-escaper/SKILL.md +22 -0
  90. package/skills/key-management-lifecycle-analyst/SKILL.md +9 -0
  91. package/skills/kill-switch-engineer/SKILL.md +9 -0
  92. package/skills/linddun-privacy-analyst/SKILL.md +9 -0
  93. package/skills/logic-race-fuzzer/SKILL.md +9 -0
  94. package/skills/mobile-api-network-attacker/SKILL.md +9 -0
  95. package/skills/mobile-binary-hardener/SKILL.md +9 -0
  96. package/skills/mobile-security-specialist/SKILL.md +9 -0
  97. package/skills/mobile-webview-auditor/SKILL.md +9 -0
  98. package/skills/model-extraction-attacker/SKILL.md +9 -0
  99. package/skills/multipart-abuse-tester/SKILL.md +9 -0
  100. package/skills/oauth-pkce-specialist/SKILL.md +9 -0
  101. package/skills/parser-exhaustion-tester/SKILL.md +9 -0
  102. package/skills/pentest-infra/SKILL.md +9 -0
  103. package/skills/pentest-social/SKILL.md +9 -0
  104. package/skills/pentest-team/SKILL.md +9 -0
  105. package/skills/pentest-web-api/SKILL.md +9 -0
  106. package/skills/privacy-flow-analyst/SKILL.md +9 -0
  107. package/skills/prompt-injection-specialist/SKILL.md +9 -0
  108. package/skills/quantum-migration-planner/SKILL.md +9 -0
  109. package/skills/rag-poisoning-specialist/SKILL.md +9 -0
  110. package/skills/registry-mirror-enforcer/SKILL.md +9 -0
  111. package/skills/rotation-validation-agent/SKILL.md +9 -0
  112. package/skills/samm-assessor/SKILL.md +9 -0
  113. package/skills/secrets-mask-bypass-tester/SKILL.md +9 -0
  114. package/skills/senior-security-engineer/SKILL.md +11 -0
  115. package/skills/serialization-memory-attacker/SKILL.md +9 -0
  116. package/skills/session-timeout-tester/SKILL.md +9 -0
  117. package/skills/slsa-level3-enforcer/SKILL.md +9 -0
  118. package/skills/slsa-provenance-enforcer/SKILL.md +9 -0
  119. package/skills/ssrf-detection-validator/SKILL.md +9 -0
  120. package/skills/step-up-auth-enforcer/SKILL.md +9 -0
  121. package/skills/stride-pasta-analyst/SKILL.md +9 -0
  122. package/skills/supply-chain-devsecops/SKILL.md +9 -0
  123. package/skills/threat-infrastructure-analyst/SKILL.md +9 -0
  124. package/skills/threat-modeler/SKILL.md +9 -0
  125. package/skills/tls-certificate-auditor/SKILL.md +9 -0
  126. package/skills/token-reuse-detector/SKILL.md +9 -0
  127. package/skills/trike-risk-modeler/SKILL.md +9 -0
  128. package/skills/unicode-homograph-tester/SKILL.md +9 -0
  129. package/skills/waf-rule-lifecycle-agent/SKILL.md +9 -0
  130. package/skills/webhook-security-tester/SKILL.md +9 -0
  131. package/skills/zero-trust-architect/SKILL.md +9 -0
@@ -0,0 +1,4061 @@
1
+ {
2
+ "version": "1.0.0",
3
+ "rules": [
4
+ {
5
+ "ruleId": "GCP_SQL_NO_PUBLIC_IP",
6
+ "threat": "A Cloud SQL instance with a public IP and open authorized networks is directly reachable from the internet for brute force and CVE exploitation.",
7
+ "frameworks": ["CIS GCP Foundations Benchmark 6.5"],
8
+ "severity": "HIGH",
9
+ "title": "Cloud SQL instance must not expose a public IP",
10
+ "detect": {
11
+ "target": "terraform",
12
+ "resourceType": "google_sql_database_instance",
13
+ "forbid": "ipv4_enabled\\s*=\\s*true"
14
+ },
15
+ "remediate": {
16
+ "strategy": "set-attr",
17
+ "ensure": { "settings.ip_configuration.ipv4_enabled": "false" }
18
+ },
19
+ "requiredActions": [
20
+ "Set settings { ip_configuration { ipv4_enabled = false } } and connect via Private Service Connect / private IP only."
21
+ ]
22
+ },
23
+ {
24
+ "ruleId": "GCP_STORAGE_UNIFORM_ACCESS",
25
+ "threat": "Without uniform bucket-level access, object ACLs can re-expose data even when IAM looks locked down.",
26
+ "frameworks": ["CIS GCP Foundations Benchmark 5.2"],
27
+ "severity": "MEDIUM",
28
+ "title": "GCS bucket must enforce uniform bucket-level access",
29
+ "detect": {
30
+ "target": "terraform",
31
+ "resourceType": "google_storage_bucket",
32
+ "require": "uniform_bucket_level_access\\s*=\\s*true"
33
+ },
34
+ "remediate": {
35
+ "strategy": "set-attr",
36
+ "ensure": { "uniform_bucket_level_access": "true" }
37
+ },
38
+ "requiredActions": [
39
+ "Set uniform_bucket_level_access = true on the google_storage_bucket so legacy object ACLs cannot grant access."
40
+ ]
41
+ },
42
+ {
43
+ "ruleId": "GCP_SQL_REQUIRE_SSL",
44
+ "threat": "A Cloud SQL instance that does not require SSL accepts plaintext connections, exposing credentials and data on the wire.",
45
+ "frameworks": ["CIS GCP Foundations Benchmark 6.4"],
46
+ "severity": "MEDIUM",
47
+ "title": "Cloud SQL instance must require SSL",
48
+ "detect": {
49
+ "target": "terraform",
50
+ "resourceType": "google_sql_database_instance",
51
+ "require": "require_ssl\\s*=\\s*true"
52
+ },
53
+ "remediate": {
54
+ "strategy": "set-attr",
55
+ "ensure": { "settings.ip_configuration.require_ssl": "true" }
56
+ },
57
+ "requiredActions": [
58
+ "Set settings { ip_configuration { require_ssl = true } } (or ssl_mode = ENCRYPTED_ONLY on newer providers) on the google_sql_database_instance."
59
+ ]
60
+ },
61
+ {
62
+ "ruleId": "GCP_GKE_SHIELDED_NODES",
63
+ "threat": "GKE nodes without Shielded Nodes lack verified boot and kernel integrity, enabling rootkit persistence on a compromised node.",
64
+ "frameworks": ["CIS GCP Foundations Benchmark 7.10"],
65
+ "severity": "MEDIUM",
66
+ "title": "GKE cluster must enable Shielded Nodes",
67
+ "detect": {
68
+ "target": "terraform",
69
+ "resourceType": "google_container_cluster",
70
+ "require": "enable_shielded_nodes\\s*=\\s*true"
71
+ },
72
+ "remediate": {
73
+ "strategy": "set-attr",
74
+ "ensure": { "enable_shielded_nodes": "true" }
75
+ },
76
+ "requiredActions": [
77
+ "Set enable_shielded_nodes = true on the google_container_cluster."
78
+ ]
79
+ },
80
+ {
81
+ "ruleId": "GCP_GKE_NETWORK_POLICY",
82
+ "threat": "Without a network policy, any compromised pod can move laterally to every other pod in the cluster.",
83
+ "frameworks": ["CIS GCP Foundations Benchmark 7.7"],
84
+ "severity": "MEDIUM",
85
+ "title": "GKE cluster must enable network policy",
86
+ "detect": {
87
+ "target": "terraform",
88
+ "resourceType": "google_container_cluster",
89
+ "require": "network_policy"
90
+ },
91
+ "remediate": {
92
+ "strategy": "set-attr",
93
+ "ensure": { "network_policy.enabled": "true" }
94
+ },
95
+ "requiredActions": [
96
+ "Add network_policy { enabled = true } to the google_container_cluster and enforce NetworkPolicies per namespace."
97
+ ]
98
+ },
99
+ {
100
+ "ruleId": "GCP_COMPUTE_SHIELDED_VM",
101
+ "threat": "A Compute Engine VM without Secure Boot can be persisted by a boot-level rootkit after compromise.",
102
+ "frameworks": ["CIS GCP Foundations Benchmark 4.8"],
103
+ "severity": "LOW",
104
+ "title": "Compute instance must enable Shielded VM secure boot",
105
+ "detect": {
106
+ "target": "terraform",
107
+ "resourceType": "google_compute_instance",
108
+ "require": "enable_secure_boot\\s*=\\s*true"
109
+ },
110
+ "remediate": {
111
+ "strategy": "set-attr",
112
+ "ensure": { "shielded_instance_config.enable_secure_boot": "true" }
113
+ },
114
+ "requiredActions": [
115
+ "Add shielded_instance_config { enable_secure_boot = true } to the google_compute_instance."
116
+ ]
117
+ },
118
+ {
119
+ "ruleId": "GCP_BIGQUERY_NO_PUBLIC",
120
+ "threat": "A BigQuery dataset granting allUsers/allAuthenticatedUsers lets anonymous or any Google account query and exfiltrate the data.",
121
+ "frameworks": ["CIS GCP Foundations Benchmark 7.1"],
122
+ "severity": "CRITICAL",
123
+ "title": "BigQuery dataset must not be publicly accessible",
124
+ "detect": {
125
+ "target": "terraform",
126
+ "resourceType": "google_bigquery_dataset",
127
+ "forbid": "allAuthenticatedUsers|allUsers"
128
+ },
129
+ "remediate": {
130
+ "strategy": "manual",
131
+ "snippet": "Remove the access block granting special_group = \"allAuthenticatedUsers\" or \"allUsers\". Grant explicit user/group/serviceAccount principals instead."
132
+ },
133
+ "requiredActions": [
134
+ "Remove the allUsers/allAuthenticatedUsers access grant from the google_bigquery_dataset. Auto-fix cannot infer the correct principals — assign least-privilege access explicitly."
135
+ ]
136
+ },
137
+ {
138
+ "ruleId": "GCP_COMPUTE_NO_IP_FORWARD",
139
+ "threat": "IP forwarding lets a compromised VM act as a router and intercept or redirect other instances' traffic.",
140
+ "frameworks": ["CIS GCP Foundations Benchmark 4.6"],
141
+ "severity": "MEDIUM",
142
+ "title": "Compute instance must not enable IP forwarding",
143
+ "detect": {
144
+ "target": "terraform",
145
+ "resourceType": "google_compute_instance",
146
+ "forbid": "can_ip_forward\\s*=\\s*true"
147
+ },
148
+ "remediate": {
149
+ "strategy": "set-attr",
150
+ "ensure": { "can_ip_forward": "false" }
151
+ },
152
+ "requiredActions": [
153
+ "Set can_ip_forward = false on the google_compute_instance unless it is an intentional NAT/router appliance."
154
+ ]
155
+ },
156
+ {
157
+ "ruleId": "GCP_SQL_BACKUP_ENABLED",
158
+ "threat": "A Cloud SQL instance without automated backups cannot be recovered after a destructive or ransomware event.",
159
+ "frameworks": ["CIS GCP Foundations Benchmark 6.7"],
160
+ "severity": "MEDIUM",
161
+ "title": "Cloud SQL instance must enable automated backups",
162
+ "detect": {
163
+ "target": "terraform",
164
+ "resourceType": "google_sql_database_instance",
165
+ "require": "backup_configuration"
166
+ },
167
+ "remediate": {
168
+ "strategy": "set-attr",
169
+ "ensure": { "settings.backup_configuration.enabled": "true" }
170
+ },
171
+ "requiredActions": [
172
+ "Add settings { backup_configuration { enabled = true } } to the google_sql_database_instance."
173
+ ]
174
+ },
175
+ {
176
+ "ruleId": "GCP_KMS_KEY_ROTATION",
177
+ "threat": "A KMS key without a rotation period means a single key compromise exposes all historical ciphertext.",
178
+ "frameworks": ["CIS GCP Foundations Benchmark 1.9"],
179
+ "severity": "MEDIUM",
180
+ "title": "KMS crypto key must set a rotation period",
181
+ "detect": {
182
+ "target": "terraform",
183
+ "resourceType": "google_kms_crypto_key",
184
+ "require": "rotation_period"
185
+ },
186
+ "remediate": {
187
+ "strategy": "set-attr",
188
+ "ensure": { "rotation_period": "\"7776000s\"" }
189
+ },
190
+ "requiredActions": [
191
+ "Set rotation_period = \"7776000s\" (90 days) or shorter on the google_kms_crypto_key."
192
+ ]
193
+ },
194
+ {
195
+ "ruleId": "GCP_DNS_DNSSEC",
196
+ "threat": "A managed DNS zone without DNSSEC can be spoofed via cache poisoning, redirecting users to attacker infrastructure.",
197
+ "frameworks": ["CIS GCP Foundations Benchmark 3.3"],
198
+ "severity": "LOW",
199
+ "title": "Cloud DNS managed zone must enable DNSSEC",
200
+ "detect": {
201
+ "target": "terraform",
202
+ "resourceType": "google_dns_managed_zone",
203
+ "require": "dnssec_config"
204
+ },
205
+ "remediate": {
206
+ "strategy": "set-attr",
207
+ "ensure": { "dnssec_config.state": "\"on\"" }
208
+ },
209
+ "requiredActions": [
210
+ "Add dnssec_config { state = \"on\" } to the google_dns_managed_zone."
211
+ ]
212
+ },
213
+ {
214
+ "ruleId": "GCP_REDIS_AUTH",
215
+ "threat": "A Memorystore Redis instance without AUTH accepts unauthenticated commands from anyone who can reach it on the network.",
216
+ "frameworks": ["CIS GCP Foundations Benchmark 6.x"],
217
+ "severity": "MEDIUM",
218
+ "title": "Memorystore Redis must enable AUTH",
219
+ "detect": {
220
+ "target": "terraform",
221
+ "resourceType": "google_redis_instance",
222
+ "require": "auth_enabled\\s*=\\s*true"
223
+ },
224
+ "remediate": {
225
+ "strategy": "set-attr",
226
+ "ensure": { "auth_enabled": "true" }
227
+ },
228
+ "requiredActions": [
229
+ "Set auth_enabled = true on the google_redis_instance (and enable transit_encryption_mode)."
230
+ ]
231
+ },
232
+ {
233
+ "ruleId": "GCP_GKE_PRIVATE_NODES",
234
+ "threat": "GKE nodes with public IPs enlarge the attack surface and expose the kubelet/node to internet scanning.",
235
+ "frameworks": ["CIS GCP Foundations Benchmark 7.15"],
236
+ "severity": "MEDIUM",
237
+ "title": "GKE cluster should use private nodes",
238
+ "detect": {
239
+ "target": "terraform",
240
+ "resourceType": "google_container_cluster",
241
+ "require": "enable_private_nodes\\s*=\\s*true"
242
+ },
243
+ "remediate": {
244
+ "strategy": "manual",
245
+ "snippet": "Add private_cluster_config { enable_private_nodes = true, master_ipv4_cidr_block = \"172.16.0.0/28\" } — the master CIDR must be chosen to avoid overlap, so review before applying."
246
+ },
247
+ "requiredActions": [
248
+ "Enable private_cluster_config.enable_private_nodes and set a non-overlapping master_ipv4_cidr_block on the google_container_cluster."
249
+ ]
250
+ },
251
+ {
252
+ "ruleId": "GCP_SQL_NO_OPEN_AUTH_NET",
253
+ "threat": "A Cloud SQL authorized network of 0.0.0.0/0 exposes the database to the entire internet.",
254
+ "frameworks": ["CIS GCP Foundations Benchmark 6.5"],
255
+ "severity": "HIGH",
256
+ "title": "Cloud SQL must not authorize 0.0.0.0/0",
257
+ "detect": {
258
+ "target": "terraform",
259
+ "resourceType": "google_sql_database_instance",
260
+ "forbid": "0\\.0\\.0\\.0/0"
261
+ },
262
+ "remediate": {
263
+ "strategy": "manual",
264
+ "snippet": "Replace the authorized_networks value 0.0.0.0/0 with specific corporate/VPC CIDRs, or disable public IP and use private IP. Auto-fix cannot choose a safe CIDR."
265
+ },
266
+ "requiredActions": [
267
+ "Remove the 0.0.0.0/0 authorized network from the google_sql_database_instance and use private IP or a specific allowlist."
268
+ ]
269
+ },
270
+ {
271
+ "ruleId": "GCP_GKE_NODE_AUTO_REPAIR",
272
+ "threat": "Node pools without auto-repair can run degraded/compromised nodes indefinitely without remediation.",
273
+ "frameworks": ["CIS GCP Foundations Benchmark 7.8"],
274
+ "severity": "LOW",
275
+ "title": "GKE node pool must enable auto-repair",
276
+ "detect": {
277
+ "target": "terraform",
278
+ "resourceType": "google_container_node_pool",
279
+ "require": "auto_repair\\s*=\\s*true"
280
+ },
281
+ "remediate": {
282
+ "strategy": "set-attr",
283
+ "ensure": { "management.auto_repair": "true" }
284
+ },
285
+ "requiredActions": [
286
+ "Add management { auto_repair = true } to the google_container_node_pool."
287
+ ]
288
+ },
289
+ {
290
+ "ruleId": "GCP_GKE_NODE_AUTO_UPGRADE",
291
+ "threat": "Node pools without auto-upgrade keep running known-vulnerable Kubernetes/OS versions.",
292
+ "frameworks": ["CIS GCP Foundations Benchmark 7.9"],
293
+ "severity": "MEDIUM",
294
+ "title": "GKE node pool must enable auto-upgrade",
295
+ "detect": {
296
+ "target": "terraform",
297
+ "resourceType": "google_container_node_pool",
298
+ "require": "auto_upgrade\\s*=\\s*true"
299
+ },
300
+ "remediate": {
301
+ "strategy": "set-attr",
302
+ "ensure": { "management.auto_upgrade": "true" }
303
+ },
304
+ "requiredActions": [
305
+ "Add management { auto_upgrade = true } to the google_container_node_pool."
306
+ ]
307
+ },
308
+ {
309
+ "ruleId": "GCP_FIREWALL_NO_OPEN_ADMIN",
310
+ "threat": "A firewall rule allowing 0.0.0.0/0 ingress exposes admin/database ports to internet-wide scanning and brute force.",
311
+ "frameworks": ["CIS GCP Foundations Benchmark 3.6", "CIS GCP Foundations Benchmark 3.7"],
312
+ "severity": "HIGH",
313
+ "title": "Firewall must not allow 0.0.0.0/0 to admin ports",
314
+ "detect": {
315
+ "target": "terraform",
316
+ "resourceType": "google_compute_firewall",
317
+ "forbid": "0\\.0\\.0\\.0/0"
318
+ },
319
+ "remediate": {
320
+ "strategy": "manual",
321
+ "snippet": "Replace source_ranges 0.0.0.0/0 with specific corporate/VPC CIDRs, or use IAP for TCP forwarding for 22/3389. Auto-fix cannot choose a safe source range."
322
+ },
323
+ "requiredActions": [
324
+ "Restrict source_ranges on the google_compute_firewall (especially for SSH/RDP/DB ports)."
325
+ ]
326
+ },
327
+ {
328
+ "ruleId": "GCP_GKE_BINARY_AUTHORIZATION",
329
+ "threat": "Without Binary Authorization, unsigned or untrusted container images can be deployed to the cluster.",
330
+ "frameworks": ["CIS GCP Foundations Benchmark 7.12"],
331
+ "severity": "MEDIUM",
332
+ "title": "GKE cluster should enable Binary Authorization",
333
+ "detect": {
334
+ "target": "terraform",
335
+ "resourceType": "google_container_cluster",
336
+ "require": "binary_authorization"
337
+ },
338
+ "remediate": {
339
+ "strategy": "manual",
340
+ "snippet": "Add binary_authorization { evaluation_mode = \"PROJECT_SINGLETON_POLICY_ENFORCE\" } and define attestors. Policy design requires review."
341
+ },
342
+ "requiredActions": [
343
+ "Enable binary_authorization with policy enforcement on the google_container_cluster."
344
+ ]
345
+ },
346
+ {
347
+ "ruleId": "GCP_COMPUTE_OSLOGIN",
348
+ "threat": "Without OS Login, SSH keys are managed in metadata rather than IAM, weakening access control and auditing.",
349
+ "frameworks": ["CIS GCP Foundations Benchmark 4.4"],
350
+ "severity": "LOW",
351
+ "title": "Compute instance should enable OS Login",
352
+ "detect": {
353
+ "target": "terraform",
354
+ "resourceType": "google_compute_instance",
355
+ "require": "enable-oslogin"
356
+ },
357
+ "remediate": {
358
+ "strategy": "manual",
359
+ "snippet": "Set metadata = { enable-oslogin = \"TRUE\" } on the instance (or enforce the org policy). Auto-fix avoids editing the metadata map to prevent clobbering other keys."
360
+ },
361
+ "requiredActions": [
362
+ "Enable OS Login via metadata enable-oslogin = TRUE (prefer the org-level constraint)."
363
+ ]
364
+ },
365
+ {
366
+ "ruleId": "GCP_KMS_KEY_NOT_PUBLIC",
367
+ "threat": "A KMS key IAM binding to allUsers/allAuthenticatedUsers lets anyone use the key to decrypt or sign.",
368
+ "frameworks": ["CIS GCP Foundations Benchmark 1.10"],
369
+ "severity": "CRITICAL",
370
+ "title": "KMS key must not be publicly accessible",
371
+ "detect": {
372
+ "target": "terraform",
373
+ "resourceType": "google_kms_crypto_key_iam_member",
374
+ "forbid": "allAuthenticatedUsers|allUsers"
375
+ },
376
+ "remediate": {
377
+ "strategy": "manual",
378
+ "snippet": "Remove the allUsers/allAuthenticatedUsers member from the KMS key IAM binding and grant explicit principals."
379
+ },
380
+ "requiredActions": [
381
+ "Remove public members from the google_kms_crypto_key_iam_member binding."
382
+ ]
383
+ },
384
+ {
385
+ "ruleId": "GCP_GKE_INTRANODE_VISIBILITY",
386
+ "threat": "Without intranode visibility, pod-to-pod traffic on the same node bypasses VPC flow logging and firewall enforcement.",
387
+ "frameworks": ["CIS GCP Foundations Benchmark 7.16"],
388
+ "severity": "LOW",
389
+ "title": "GKE cluster should enable intranode visibility",
390
+ "detect": {
391
+ "target": "terraform",
392
+ "resourceType": "google_container_cluster",
393
+ "require": "enable_intranode_visibility\\s*=\\s*true"
394
+ },
395
+ "remediate": {
396
+ "strategy": "set-attr",
397
+ "ensure": { "enable_intranode_visibility": "true" }
398
+ },
399
+ "requiredActions": [
400
+ "Set enable_intranode_visibility = true on the google_container_cluster."
401
+ ]
402
+ },
403
+ {
404
+ "ruleId": "GCP_GKE_NODE_SECURE_BOOT",
405
+ "threat": "GKE nodes without Secure Boot can be persisted by a boot-level rootkit after compromise.",
406
+ "frameworks": ["CIS GCP Foundations Benchmark 7.10"],
407
+ "severity": "LOW",
408
+ "title": "GKE node pool should enable Secure Boot",
409
+ "detect": {
410
+ "target": "terraform",
411
+ "resourceType": "google_container_node_pool",
412
+ "require": "enable_secure_boot\\s*=\\s*true"
413
+ },
414
+ "remediate": {
415
+ "strategy": "set-attr",
416
+ "ensure": { "shielded_instance_config.enable_secure_boot": "true" }
417
+ },
418
+ "requiredActions": [
419
+ "Add shielded_instance_config { enable_secure_boot = true } to the google_container_node_pool."
420
+ ]
421
+ },
422
+ {
423
+ "ruleId": "GCP_NO_SERVICE_ACCOUNT_KEY",
424
+ "threat": "A user-managed service account key is a long-lived static credential with no expiry — the top GCP breach vector.",
425
+ "frameworks": ["CIS GCP Foundations Benchmark 1.4"],
426
+ "severity": "HIGH",
427
+ "title": "Avoid user-managed service account keys",
428
+ "detect": {
429
+ "target": "terraform",
430
+ "resourceType": "google_service_account_key",
431
+ "forbid": "google_service_account"
432
+ },
433
+ "remediate": {
434
+ "strategy": "manual",
435
+ "snippet": "Remove the google_service_account_key and use Workload Identity / Workload Identity Federation (keyless) instead."
436
+ },
437
+ "requiredActions": [
438
+ "Eliminate the google_service_account_key; adopt Workload Identity Federation."
439
+ ]
440
+ },
441
+ {
442
+ "ruleId": "GCP_IAM_NO_PRIMITIVE_ROLES",
443
+ "threat": "Granting roles/owner or roles/editor at the project level gives broad, hard-to-audit privilege — ideal for lateral movement.",
444
+ "frameworks": ["CIS GCP Foundations Benchmark 1.5", "CIS GCP Foundations Benchmark 1.6"],
445
+ "severity": "MEDIUM",
446
+ "title": "Avoid primitive roles/owner and roles/editor bindings",
447
+ "detect": {
448
+ "target": "terraform",
449
+ "resourceType": "google_project_iam_member",
450
+ "forbid": "\"roles/owner\"|\"roles/editor\""
451
+ },
452
+ "remediate": {
453
+ "strategy": "manual",
454
+ "snippet": "Replace roles/owner or roles/editor with a least-privilege predefined or custom role. Auto-fix cannot infer the minimal role required."
455
+ },
456
+ "requiredActions": [
457
+ "Replace the primitive role in google_project_iam_member with a least-privilege role."
458
+ ]
459
+ },
460
+ {
461
+ "ruleId": "GCP_CLOUD_RUN_NO_PUBLIC",
462
+ "threat": "A Cloud Run service granting allUsers the invoker role is an unauthenticated internet endpoint.",
463
+ "frameworks": ["CIS GCP Foundations Benchmark 4.x"],
464
+ "severity": "HIGH",
465
+ "title": "Cloud Run service must not allow unauthenticated (allUsers) invocation",
466
+ "detect": {
467
+ "target": "terraform",
468
+ "resourceType": "google_cloud_run_service_iam_member",
469
+ "forbid": "allUsers"
470
+ },
471
+ "remediate": {
472
+ "strategy": "manual",
473
+ "snippet": "Remove the allUsers invoker binding and front the service with IAP / an authenticated gateway, or grant specific principals."
474
+ },
475
+ "requiredActions": [
476
+ "Remove the allUsers run.invoker binding from the google_cloud_run_service_iam_member."
477
+ ]
478
+ },
479
+ {
480
+ "ruleId": "GCP_SQL_PITR",
481
+ "threat": "Without point-in-time recovery, a Cloud SQL instance cannot be restored to a moment before a destructive or ransomware event.",
482
+ "frameworks": ["CIS GCP Foundations Benchmark 6.7"],
483
+ "severity": "MEDIUM",
484
+ "title": "Cloud SQL instance should enable point-in-time recovery",
485
+ "detect": {
486
+ "target": "terraform",
487
+ "resourceType": "google_sql_database_instance",
488
+ "require": "point_in_time_recovery_enabled\\s*=\\s*true"
489
+ },
490
+ "remediate": {
491
+ "strategy": "set-attr",
492
+ "ensure": { "settings.backup_configuration.point_in_time_recovery_enabled": "true" }
493
+ },
494
+ "requiredActions": [
495
+ "Set settings { backup_configuration { point_in_time_recovery_enabled = true } } on the google_sql_database_instance (Postgres) or enable binary logging (MySQL)."
496
+ ]
497
+ },
498
+ {
499
+ "ruleId": "GCP_GKE_RELEASE_CHANNEL",
500
+ "threat": "A cluster not subscribed to a release channel falls behind on security patches and CVE fixes.",
501
+ "frameworks": ["CIS GCP Foundations Benchmark 7.x"],
502
+ "severity": "LOW",
503
+ "title": "GKE cluster should subscribe to a release channel",
504
+ "detect": {
505
+ "target": "terraform",
506
+ "resourceType": "google_container_cluster",
507
+ "require": "release_channel"
508
+ },
509
+ "remediate": {
510
+ "strategy": "set-attr",
511
+ "ensure": { "release_channel.channel": "\"REGULAR\"" }
512
+ },
513
+ "requiredActions": [
514
+ "Add release_channel { channel = \"REGULAR\" } to the google_container_cluster."
515
+ ]
516
+ },
517
+ {
518
+ "ruleId": "GCP_DATAPROC_INTERNAL_IP",
519
+ "threat": "A Dataproc cluster with public IPs on its nodes enlarges the attack surface and exposes workers to the internet.",
520
+ "frameworks": ["CIS GCP Foundations Benchmark 7.x"],
521
+ "severity": "MEDIUM",
522
+ "title": "Dataproc cluster should use internal IPs only",
523
+ "detect": {
524
+ "target": "terraform",
525
+ "resourceType": "google_dataproc_cluster",
526
+ "require": "internal_ip_only\\s*=\\s*true"
527
+ },
528
+ "remediate": {
529
+ "strategy": "manual",
530
+ "snippet": "Set cluster_config { gce_cluster_config { internal_ip_only = true } } — this requires Private Google Access on the subnet, so apply with networking review."
531
+ },
532
+ "requiredActions": [
533
+ "Enable internal_ip_only on the google_dataproc_cluster (requires Private Google Access)."
534
+ ]
535
+ },
536
+ {
537
+ "ruleId": "GCP_GCS_BUCKET_CMEK",
538
+ "threat": "A bucket without a customer-managed encryption key relies on Google-managed keys, reducing key control and revocation.",
539
+ "frameworks": ["CIS GCP Foundations Benchmark 5.x"],
540
+ "severity": "LOW",
541
+ "title": "GCS bucket should use a customer-managed encryption key",
542
+ "detect": {
543
+ "target": "terraform",
544
+ "resourceType": "google_storage_bucket",
545
+ "require": "default_kms_key_name"
546
+ },
547
+ "remediate": {
548
+ "strategy": "manual",
549
+ "snippet": "Add encryption { default_kms_key_name = <kms-key> } to the google_storage_bucket. The CMEK resource must be supplied."
550
+ },
551
+ "requiredActions": [
552
+ "Configure CMEK via encryption.default_kms_key_name on the google_storage_bucket."
553
+ ]
554
+ },
555
+ {
556
+ "ruleId": "GCP_COMPUTE_NO_PUBLIC_IP",
557
+ "threat": "A Compute instance with an external IP (access_config) is directly reachable from the internet, widening the attack surface.",
558
+ "frameworks": ["CIS GCP Foundations Benchmark 4.9"],
559
+ "severity": "MEDIUM",
560
+ "title": "Compute instance should not have a public IP",
561
+ "detect": {
562
+ "target": "terraform",
563
+ "resourceType": "google_compute_instance",
564
+ "forbid": "access_config\\s*\\{"
565
+ },
566
+ "remediate": {
567
+ "strategy": "manual",
568
+ "snippet": "Remove the access_config block from the network_interface to drop the external IP; reach the VM via IAP or a bastion. Auto-fix avoids deleting blocks."
569
+ },
570
+ "requiredActions": [
571
+ "Remove the access_config (external IP) from the google_compute_instance network_interface."
572
+ ]
573
+ },
574
+ {
575
+ "ruleId": "GCP_NOTEBOOK_NO_PUBLIC_IP",
576
+ "threat": "A Vertex AI / AI Platform notebook with a public IP is internet-reachable and a prime target for compromise and data exfiltration.",
577
+ "frameworks": ["CIS GCP Foundations Benchmark 4.x"],
578
+ "severity": "MEDIUM",
579
+ "title": "AI notebook instance must not have a public IP",
580
+ "detect": {
581
+ "target": "terraform",
582
+ "resourceType": "google_notebooks_instance",
583
+ "require": "no_public_ip\\s*=\\s*true"
584
+ },
585
+ "remediate": {
586
+ "strategy": "set-attr",
587
+ "ensure": { "no_public_ip": "true" }
588
+ },
589
+ "requiredActions": [
590
+ "Set no_public_ip = true on the google_notebooks_instance."
591
+ ]
592
+ },
593
+ {
594
+ "ruleId": "GCP_GKE_MASTER_AUTHORIZED_NETWORKS",
595
+ "threat": "A GKE control plane reachable from any IP is exposed to credential stuffing and API exploitation.",
596
+ "frameworks": ["CIS GCP Foundations Benchmark 7.14"],
597
+ "severity": "MEDIUM",
598
+ "title": "GKE cluster should restrict master authorized networks",
599
+ "detect": {
600
+ "target": "terraform",
601
+ "resourceType": "google_container_cluster",
602
+ "require": "master_authorized_networks_config"
603
+ },
604
+ "remediate": {
605
+ "strategy": "manual",
606
+ "snippet": "Add master_authorized_networks_config { cidr_blocks { cidr_block = <admin-cidr> } }. The allowed CIDRs must be chosen by a human."
607
+ },
608
+ "requiredActions": [
609
+ "Restrict the GKE control plane via master_authorized_networks_config."
610
+ ]
611
+ },
612
+ {
613
+ "ruleId": "GCP_GKE_DATABASE_ENCRYPTION",
614
+ "threat": "Without application-layer secrets encryption, Kubernetes Secrets are stored only base64-encoded in etcd.",
615
+ "frameworks": ["CIS GCP Foundations Benchmark 7.13"],
616
+ "severity": "MEDIUM",
617
+ "title": "GKE cluster should enable application-layer secrets encryption",
618
+ "detect": {
619
+ "target": "terraform",
620
+ "resourceType": "google_container_cluster",
621
+ "require": "database_encryption"
622
+ },
623
+ "remediate": {
624
+ "strategy": "manual",
625
+ "snippet": "Add database_encryption { state = \"ENCRYPTED\", key_name = <kms-key> }. A Cloud KMS key must be supplied."
626
+ },
627
+ "requiredActions": [
628
+ "Enable database_encryption (ENCRYPTED, with a KMS key) on the google_container_cluster."
629
+ ]
630
+ },
631
+ {
632
+ "ruleId": "GCP_COMPUTE_CONFIDENTIAL_VM",
633
+ "threat": "Without Confidential VM, memory is not encrypted in use — a hypervisor-level compromise can read sensitive in-memory data.",
634
+ "frameworks": ["CIS GCP Foundations Benchmark 4.11"],
635
+ "severity": "LOW",
636
+ "title": "Compute instance may enable Confidential VM",
637
+ "detect": {
638
+ "target": "terraform",
639
+ "resourceType": "google_compute_instance",
640
+ "require": "enable_confidential_compute\\s*=\\s*true"
641
+ },
642
+ "remediate": {
643
+ "strategy": "manual",
644
+ "snippet": "Add confidential_instance_config { enable_confidential_compute = true } and use an N2D/C2D machine type with on_host_maintenance = TERMINATE. Machine-type constraints require review."
645
+ },
646
+ "requiredActions": [
647
+ "Enable Confidential VM (confidential_instance_config) on a supported machine type."
648
+ ]
649
+ },
650
+ {
651
+ "ruleId": "GCP_GKE_CLIENT_CERT_DISABLED",
652
+ "threat": "A GKE client certificate is a long-lived, non-revocable credential that bypasses IAM if it leaks.",
653
+ "frameworks": ["CIS GCP Foundations Benchmark 7.x"],
654
+ "severity": "MEDIUM",
655
+ "title": "GKE cluster must disable client certificate auth",
656
+ "detect": {
657
+ "target": "terraform",
658
+ "resourceType": "google_container_cluster",
659
+ "forbid": "issue_client_certificate\\s*=\\s*true"
660
+ },
661
+ "remediate": {
662
+ "strategy": "set-attr",
663
+ "ensure": { "master_auth.client_certificate_config.issue_client_certificate": "false" }
664
+ },
665
+ "requiredActions": [
666
+ "Set master_auth { client_certificate_config { issue_client_certificate = false } } on the google_container_cluster."
667
+ ]
668
+ },
669
+ {
670
+ "ruleId": "GCP_PUBSUB_CMEK",
671
+ "threat": "A Pub/Sub topic without a CMK relies on Google-managed keys, reducing key control over message data at rest.",
672
+ "frameworks": ["CIS GCP Foundations Benchmark 5.x"],
673
+ "severity": "LOW",
674
+ "title": "Pub/Sub topic should use a customer-managed key",
675
+ "detect": {
676
+ "target": "terraform",
677
+ "resourceType": "google_pubsub_topic",
678
+ "require": "kms_key_name"
679
+ },
680
+ "remediate": {
681
+ "strategy": "manual",
682
+ "snippet": "Set kms_key_name to a Cloud KMS key on the google_pubsub_topic. The CMEK resource must be supplied."
683
+ },
684
+ "requiredActions": [
685
+ "Configure CMEK via kms_key_name on the google_pubsub_topic."
686
+ ]
687
+ },
688
+ {
689
+ "ruleId": "GCP_FUNCTION_INTERNAL_INGRESS",
690
+ "threat": "A Cloud Function accepting all ingress is internet-exposed; internal-only ingress shrinks the attack surface.",
691
+ "frameworks": ["CIS GCP Foundations Benchmark 4.x"],
692
+ "severity": "LOW",
693
+ "title": "Cloud Function should restrict ingress",
694
+ "detect": {
695
+ "target": "terraform",
696
+ "resourceType": "google_cloudfunctions2_function",
697
+ "require": "ingress_settings"
698
+ },
699
+ "remediate": {
700
+ "strategy": "manual",
701
+ "snippet": "Set service_config { ingress_settings = \"ALLOW_INTERNAL_ONLY\" } (or ALLOW_INTERNAL_AND_GCLB) unless the function must be public."
702
+ },
703
+ "requiredActions": [
704
+ "Restrict ingress_settings on the google_cloudfunctions2_function."
705
+ ]
706
+ },
707
+ {
708
+ "ruleId": "GCP_DATAPROC_KMS",
709
+ "threat": "A Dataproc cluster without CMEK relies on Google-managed keys for PD and job data at rest.",
710
+ "frameworks": ["CIS GCP Foundations Benchmark 7.x"],
711
+ "severity": "LOW",
712
+ "title": "Dataproc cluster should use a customer-managed key",
713
+ "detect": {
714
+ "target": "terraform",
715
+ "resourceType": "google_dataproc_cluster",
716
+ "require": "kms_key_name"
717
+ },
718
+ "remediate": {
719
+ "strategy": "manual",
720
+ "snippet": "Set cluster_config { encryption_config { gce_pd_kms_key_name = <kms-key> } } on the google_dataproc_cluster."
721
+ },
722
+ "requiredActions": [
723
+ "Configure CMEK (gce_pd_kms_key_name) on the google_dataproc_cluster."
724
+ ]
725
+ },
726
+ {
727
+ "ruleId": "GCP_VPC_FLOW_LOGS",
728
+ "threat": "Without VPC flow logs there is no network-level record of exfiltration or lateral movement between subnets.",
729
+ "frameworks": ["CIS GCP Foundations Benchmark 3.8"],
730
+ "severity": "LOW",
731
+ "title": "VPC subnet should enable flow logs",
732
+ "detect": {
733
+ "target": "terraform",
734
+ "resourceType": "google_compute_subnetwork",
735
+ "require": "log_config"
736
+ },
737
+ "remediate": {
738
+ "strategy": "manual",
739
+ "snippet": "Add log_config { aggregation_interval = \"INTERVAL_5_SEC\", flow_sampling = 0.5, metadata = \"INCLUDE_ALL_METADATA\" } to the google_compute_subnetwork."
740
+ },
741
+ "requiredActions": [
742
+ "Enable log_config (flow logs) on the google_compute_subnetwork."
743
+ ]
744
+ },
745
+ {
746
+ "ruleId": "GCP_COMPUTE_BLOCK_PROJECT_SSH",
747
+ "threat": "Allowing project-wide SSH keys widens blast radius: any project SSH key can log into this VM.",
748
+ "frameworks": ["CIS GCP Foundations Benchmark 4.3"],
749
+ "severity": "LOW",
750
+ "title": "Compute instance should block project-wide SSH keys",
751
+ "detect": {
752
+ "target": "terraform",
753
+ "resourceType": "google_compute_instance",
754
+ "require": "block-project-ssh-keys"
755
+ },
756
+ "remediate": {
757
+ "strategy": "manual",
758
+ "snippet": "Set metadata = { block-project-ssh-keys = \"true\" } (or enforce OS Login). Auto-fix avoids editing the metadata map to prevent clobbering other keys."
759
+ },
760
+ "requiredActions": [
761
+ "Block project-wide SSH keys on the google_compute_instance (prefer OS Login)."
762
+ ]
763
+ },
764
+ {
765
+ "ruleId": "GCP_BIGQUERY_CMEK",
766
+ "threat": "A BigQuery dataset without a customer-managed key relies on Google-managed keys, reducing key control over data at rest.",
767
+ "frameworks": ["CIS GCP Foundations Benchmark 7.2"],
768
+ "severity": "LOW",
769
+ "title": "BigQuery dataset should use a customer-managed key",
770
+ "detect": {
771
+ "target": "terraform",
772
+ "resourceType": "google_bigquery_dataset",
773
+ "require": "default_encryption_configuration"
774
+ },
775
+ "remediate": {
776
+ "strategy": "manual",
777
+ "snippet": "Add default_encryption_configuration { kms_key_name = <kms-key> } to the google_bigquery_dataset. The CMEK key must be supplied."
778
+ },
779
+ "requiredActions": [
780
+ "Configure CMEK (default_encryption_configuration) on the google_bigquery_dataset."
781
+ ]
782
+ },
783
+ {
784
+ "ruleId": "GCP_COMPUTE_DISK_CMEK",
785
+ "threat": "A persistent disk without a customer-managed key relies on Google-managed keys, reducing key control over data at rest.",
786
+ "frameworks": ["CIS GCP Foundations Benchmark 4.7"],
787
+ "severity": "LOW",
788
+ "title": "Compute disk should use a customer-managed encryption key",
789
+ "detect": {
790
+ "target": "terraform",
791
+ "resourceType": "google_compute_disk",
792
+ "require": "disk_encryption_key"
793
+ },
794
+ "remediate": {
795
+ "strategy": "manual",
796
+ "snippet": "Add disk_encryption_key { kms_key_self_link = <kms-key> } to the google_compute_disk. The CMEK key must be supplied."
797
+ },
798
+ "requiredActions": [
799
+ "Configure CMEK (disk_encryption_key) on the google_compute_disk."
800
+ ]
801
+ },
802
+ {
803
+ "ruleId": "GCP_SPANNER_CMEK",
804
+ "threat": "A Spanner database without CMEK relies on Google-managed keys for data at rest.",
805
+ "frameworks": ["CIS GCP Foundations Benchmark 5.x"],
806
+ "severity": "LOW",
807
+ "title": "Spanner database should use a customer-managed key",
808
+ "detect": {
809
+ "target": "terraform",
810
+ "resourceType": "google_spanner_database",
811
+ "require": "encryption_config"
812
+ },
813
+ "remediate": {
814
+ "strategy": "manual",
815
+ "snippet": "Add encryption_config { kms_key_name = <kms-key> } to the google_spanner_database."
816
+ },
817
+ "requiredActions": [
818
+ "Configure CMEK (encryption_config) on the google_spanner_database."
819
+ ]
820
+ },
821
+ {
822
+ "ruleId": "GCP_LOGGING_BUCKET_RETENTION_LOCK",
823
+ "threat": "An unlocked log bucket can be shortened or purged by an attacker covering tracks; a locked retention prevents tampering.",
824
+ "frameworks": ["CIS GCP Foundations Benchmark 2.3"],
825
+ "severity": "LOW",
826
+ "title": "Logging bucket should lock its retention policy",
827
+ "detect": {
828
+ "target": "terraform",
829
+ "resourceType": "google_logging_project_bucket_config",
830
+ "require": "locked\\s*=\\s*true"
831
+ },
832
+ "remediate": {
833
+ "strategy": "manual",
834
+ "snippet": "Set locked = true and a retention_days on the google_logging_project_bucket_config. Locking is irreversible, so apply deliberately."
835
+ },
836
+ "requiredActions": [
837
+ "Lock the retention policy on the google_logging_project_bucket_config (irreversible)."
838
+ ]
839
+ },
840
+ {
841
+ "ruleId": "GCP_SECRET_MANAGER_CMEK",
842
+ "threat": "A Secret Manager secret without CMEK relies on Google-managed keys, reducing key control and revocation over secret material.",
843
+ "frameworks": ["CIS GCP Foundations Benchmark 1.x"],
844
+ "severity": "LOW",
845
+ "title": "Secret Manager secret should use a customer-managed key",
846
+ "detect": {
847
+ "target": "terraform",
848
+ "resourceType": "google_secret_manager_secret",
849
+ "require": "customer_managed_encryption"
850
+ },
851
+ "remediate": {
852
+ "strategy": "manual",
853
+ "snippet": "Add replication { user_managed { replicas { customer_managed_encryption { kms_key_name = <kms-key> } } } } to the google_secret_manager_secret."
854
+ },
855
+ "requiredActions": [
856
+ "Configure CMEK (customer_managed_encryption) on the google_secret_manager_secret."
857
+ ]
858
+ },
859
+ {
860
+ "ruleId": "GCP_ARTIFACT_REGISTRY_CMEK",
861
+ "threat": "An Artifact Registry without CMEK relies on Google-managed keys for stored images/packages at rest.",
862
+ "frameworks": ["CIS GCP Foundations Benchmark 5.x"],
863
+ "severity": "LOW",
864
+ "title": "Artifact Registry should use a customer-managed key",
865
+ "detect": {
866
+ "target": "terraform",
867
+ "resourceType": "google_artifact_registry_repository",
868
+ "require": "kms_key_name"
869
+ },
870
+ "remediate": {
871
+ "strategy": "manual",
872
+ "snippet": "Set kms_key_name = <kms-key> on the google_artifact_registry_repository."
873
+ },
874
+ "requiredActions": [
875
+ "Configure CMEK (kms_key_name) on the google_artifact_registry_repository."
876
+ ]
877
+ },
878
+ {
879
+ "ruleId": "GCP_GKE_COS_IMAGE",
880
+ "threat": "Non-COS node images have a larger attack surface and weaker default hardening than Container-Optimized OS.",
881
+ "frameworks": ["CIS GCP Foundations Benchmark 7.x"],
882
+ "severity": "LOW",
883
+ "title": "GKE node pool should use a Container-Optimized OS image",
884
+ "detect": {
885
+ "target": "terraform",
886
+ "resourceType": "google_container_node_pool",
887
+ "require": "image_type\\s*=\\s*\"COS"
888
+ },
889
+ "remediate": {
890
+ "strategy": "manual",
891
+ "snippet": "Set node_config { image_type = \"COS_CONTAINERD\" } on the google_container_node_pool."
892
+ },
893
+ "requiredActions": [
894
+ "Use a COS/COS_CONTAINERD image_type on the google_container_node_pool."
895
+ ]
896
+ },
897
+ {
898
+ "ruleId": "GCP_GKE_LEGACY_ABAC",
899
+ "threat": "Legacy ABAC grants broad, static permissions that bypass fine-grained RBAC; any leaked node or pod token inherits sweeping cluster access.",
900
+ "frameworks": ["CIS GCP Foundations Benchmark 7.3"],
901
+ "severity": "MEDIUM",
902
+ "title": "GKE cluster must not enable legacy ABAC",
903
+ "detect": {
904
+ "target": "terraform",
905
+ "resourceType": "google_container_cluster",
906
+ "forbid": "enable_legacy_abac\\s*\\{[^}]*enabled\\s*=\\s*true"
907
+ },
908
+ "remediate": {
909
+ "strategy": "manual",
910
+ "snippet": "Remove enable_legacy_abac or set enable_legacy_abac { enabled = false } on the google_container_cluster and rely on RBAC."
911
+ },
912
+ "requiredActions": [
913
+ "Disable legacy ABAC on the google_container_cluster; enforce authorization via RBAC."
914
+ ]
915
+ },
916
+ {
917
+ "ruleId": "GCP_STORAGE_VERSIONING",
918
+ "threat": "Without object versioning, a malicious or accidental overwrite/delete of bucket objects is unrecoverable — no ransomware rollback.",
919
+ "frameworks": ["CIS GCP Foundations Benchmark 5.3"],
920
+ "severity": "LOW",
921
+ "title": "Storage bucket should enable object versioning",
922
+ "detect": {
923
+ "target": "terraform",
924
+ "resourceType": "google_storage_bucket",
925
+ "require": "versioning\\s*\\{[^}]*enabled\\s*=\\s*true"
926
+ },
927
+ "remediate": {
928
+ "strategy": "manual",
929
+ "snippet": "Add versioning { enabled = true } to the google_storage_bucket."
930
+ },
931
+ "requiredActions": [
932
+ "Add versioning { enabled = true } to the google_storage_bucket."
933
+ ]
934
+ },
935
+ {
936
+ "ruleId": "GCP_STORAGE_BUCKET_LOGGING",
937
+ "threat": "Without access/storage logging, bulk object reads (data exfiltration) leave no audit trail on the bucket.",
938
+ "frameworks": ["CIS GCP Foundations Benchmark 5.3"],
939
+ "severity": "LOW",
940
+ "title": "Storage bucket should enable access logging",
941
+ "detect": {
942
+ "target": "terraform",
943
+ "resourceType": "google_storage_bucket",
944
+ "require": "logging\\s*\\{"
945
+ },
946
+ "remediate": {
947
+ "strategy": "manual",
948
+ "snippet": "Add a logging { log_bucket = <dedicated-log-bucket> } block to the google_storage_bucket pointing at a separate, access-restricted bucket."
949
+ },
950
+ "requiredActions": [
951
+ "Add a logging block to the google_storage_bucket targeting a dedicated log bucket."
952
+ ]
953
+ },
954
+ {
955
+ "ruleId": "GCP_COMPUTE_DISABLE_SERIAL_PORT",
956
+ "threat": "An enabled interactive serial console lets anyone with the project metadata permission attach and gain interactive access to the instance, bypassing SSH controls.",
957
+ "frameworks": ["CIS GCP Foundations Benchmark 4.5"],
958
+ "severity": "MEDIUM",
959
+ "title": "Compute instance must disable serial port access",
960
+ "detect": {
961
+ "target": "terraform",
962
+ "resourceType": "google_compute_instance",
963
+ "forbid": "serial-port-enable\\s*=\\s*\"?(true|1|TRUE)"
964
+ },
965
+ "remediate": {
966
+ "strategy": "manual",
967
+ "snippet": "Remove serial-port-enable from metadata or set it to \"false\" on the google_compute_instance."
968
+ },
969
+ "requiredActions": [
970
+ "Set metadata serial-port-enable = \"false\" (or remove it) on the google_compute_instance."
971
+ ]
972
+ },
973
+ {
974
+ "ruleId": "GCP_GKE_PRIVATE_ENDPOINT",
975
+ "threat": "A GKE cluster with a public control-plane endpoint exposes the Kubernetes API server to internet-wide credential stuffing and CVE exploitation.",
976
+ "frameworks": ["CIS GCP Foundations Benchmark 7.15"],
977
+ "severity": "MEDIUM",
978
+ "title": "GKE cluster should enable a private control-plane endpoint",
979
+ "detect": {
980
+ "target": "terraform",
981
+ "resourceType": "google_container_cluster",
982
+ "require": "enable_private_endpoint\\s*=\\s*true"
983
+ },
984
+ "remediate": {
985
+ "strategy": "manual",
986
+ "snippet": "Set private_cluster_config { enable_private_endpoint = true } and configure master_authorized_networks on the google_container_cluster. Networking choices require review."
987
+ },
988
+ "requiredActions": [
989
+ "Enable a private control-plane endpoint (private_cluster_config.enable_private_endpoint) on the google_container_cluster."
990
+ ]
991
+ },
992
+ {
993
+ "ruleId": "GCP_COMPUTE_ENABLE_VTPM",
994
+ "threat": "Without a virtual TPM, the instance cannot attest boot integrity, so a rootkit altering the boot chain goes undetected.",
995
+ "frameworks": ["CIS GCP Foundations Benchmark 4.8"],
996
+ "severity": "LOW",
997
+ "title": "Compute instance should enable vTPM",
998
+ "detect": {
999
+ "target": "terraform",
1000
+ "resourceType": "google_compute_instance",
1001
+ "require": "enable_vtpm\\s*=\\s*true"
1002
+ },
1003
+ "remediate": {
1004
+ "strategy": "manual",
1005
+ "snippet": "Add shielded_instance_config { enable_vtpm = true } to the google_compute_instance."
1006
+ },
1007
+ "requiredActions": [
1008
+ "Add shielded_instance_config { enable_vtpm = true } to the google_compute_instance."
1009
+ ]
1010
+ },
1011
+ {
1012
+ "ruleId": "GCP_SQL_CMEK",
1013
+ "threat": "A Cloud SQL instance without a customer-managed encryption key is encrypted only with Google-managed keys, leaving no customer-controlled revocation if the data must be cryptographically shredded.",
1014
+ "frameworks": ["CIS GCP Foundations Benchmark 6.3.x"],
1015
+ "severity": "MEDIUM",
1016
+ "title": "Cloud SQL instance should use a customer-managed encryption key",
1017
+ "detect": {
1018
+ "target": "terraform",
1019
+ "resourceType": "google_sql_database_instance",
1020
+ "require": "encryption_key_name"
1021
+ },
1022
+ "remediate": {
1023
+ "strategy": "manual",
1024
+ "snippet": "Set encryption_key_name to a Cloud KMS CryptoKey on the google_sql_database_instance (CMEK can only be set at creation)."
1025
+ },
1026
+ "requiredActions": [
1027
+ "Set encryption_key_name (a Cloud KMS key) on the google_sql_database_instance."
1028
+ ]
1029
+ },
1030
+ {
1031
+ "ruleId": "GCP_DNS_NO_RSASHA1",
1032
+ "threat": "DNSSEC signing with the broken RSASHA1 algorithm lets an attacker who can forge signatures spoof DNS responses for the zone.",
1033
+ "frameworks": ["CIS GCP Foundations Benchmark 3.4", "CIS GCP Foundations Benchmark 3.5"],
1034
+ "severity": "MEDIUM",
1035
+ "title": "DNS zone must not sign DNSSEC with RSASHA1",
1036
+ "detect": {
1037
+ "target": "terraform",
1038
+ "resourceType": "google_dns_managed_zone",
1039
+ "forbid": "algorithm\\s*=\\s*\"rsasha1\""
1040
+ },
1041
+ "remediate": {
1042
+ "strategy": "manual",
1043
+ "snippet": "Use a stronger DNSSEC algorithm (e.g. rsasha256 or ecdsap256sha256) in default_key_specs on the google_dns_managed_zone."
1044
+ },
1045
+ "requiredActions": [
1046
+ "Replace rsasha1 with rsasha256/ecdsap256sha256 in the DNSSEC key specs of the google_dns_managed_zone."
1047
+ ]
1048
+ },
1049
+ {
1050
+ "ruleId": "GCP_CLOUD_RUN_INGRESS_INTERNAL",
1051
+ "threat": "A Cloud Run service that accepts all ingress is directly reachable from the internet, widening the attack surface beyond a load balancer or internal callers.",
1052
+ "frameworks": ["CIS GCP Foundations Benchmark"],
1053
+ "severity": "MEDIUM",
1054
+ "title": "Cloud Run service should restrict ingress to internal/load-balancer",
1055
+ "detect": {
1056
+ "target": "terraform",
1057
+ "resourceType": "google_cloud_run_v2_service",
1058
+ "require": "ingress\\s*=\\s*\"INGRESS_TRAFFIC_(INTERNAL_ONLY|INTERNAL_LOAD_BALANCER)\""
1059
+ },
1060
+ "remediate": {
1061
+ "strategy": "manual",
1062
+ "snippet": "Set ingress = \"INGRESS_TRAFFIC_INTERNAL_ONLY\" (or INTERNAL_LOAD_BALANCER) on the google_cloud_run_v2_service unless it must be public."
1063
+ },
1064
+ "requiredActions": [
1065
+ "Restrict ingress on the google_cloud_run_v2_service to internal or load-balancer traffic."
1066
+ ]
1067
+ },
1068
+ {
1069
+ "ruleId": "GCP_GKE_WORKLOAD_IDENTITY",
1070
+ "threat": "Without Workload Identity, pods authenticate using the node service account or exported keys, so a compromised pod inherits broad node-level GCP permissions.",
1071
+ "frameworks": ["CIS GCP Foundations Benchmark 7.12"],
1072
+ "severity": "MEDIUM",
1073
+ "title": "GKE cluster should enable Workload Identity",
1074
+ "detect": {
1075
+ "target": "terraform",
1076
+ "resourceType": "google_container_cluster",
1077
+ "require": "workload_identity_config"
1078
+ },
1079
+ "remediate": {
1080
+ "strategy": "manual",
1081
+ "snippet": "Add workload_identity_config { workload_pool = \"<project>.svc.id.goog\" } to the google_container_cluster and bind KSAs to GSAs."
1082
+ },
1083
+ "requiredActions": [
1084
+ "Enable workload_identity_config on the google_container_cluster so pods use scoped identities, not the node SA."
1085
+ ]
1086
+ },
1087
+ {
1088
+ "ruleId": "GCP_STORAGE_PUBLIC_ACCESS_PREVENTION",
1089
+ "threat": "Without enforced public access prevention, a future IAM binding or ACL can grant allUsers/allAuthenticatedUsers and silently expose the bucket.",
1090
+ "frameworks": ["CIS GCP Foundations Benchmark 5.1"],
1091
+ "severity": "MEDIUM",
1092
+ "title": "Storage bucket must enforce public access prevention",
1093
+ "detect": {
1094
+ "target": "terraform",
1095
+ "resourceType": "google_storage_bucket",
1096
+ "require": "public_access_prevention\\s*=\\s*\"enforced\""
1097
+ },
1098
+ "remediate": {
1099
+ "strategy": "set-attr",
1100
+ "ensure": {
1101
+ "public_access_prevention": "\"enforced\""
1102
+ }
1103
+ },
1104
+ "requiredActions": [
1105
+ "Set public_access_prevention = \"enforced\" on the google_storage_bucket."
1106
+ ]
1107
+ },
1108
+ {
1109
+ "ruleId": "GCP_FUNCTION_NO_PUBLIC_INVOKER",
1110
+ "threat": "A Cloud Function IAM binding granting roles/cloudfunctions.invoker to allUsers makes the function an unauthenticated internet endpoint reaching its service account.",
1111
+ "frameworks": ["CIS GCP Foundations Benchmark"],
1112
+ "severity": "HIGH",
1113
+ "title": "Cloud Function must not grant invoker to allUsers",
1114
+ "detect": {
1115
+ "target": "terraform",
1116
+ "resourceType": "google_cloudfunctions2_function_iam_member",
1117
+ "forbid": "member\\s*=\\s*\"all(Users|AuthenticatedUsers)\""
1118
+ },
1119
+ "remediate": {
1120
+ "strategy": "manual",
1121
+ "snippet": "Replace member = \"allUsers\"/\"allAuthenticatedUsers\" with specific user/service-account principals on the google_cloudfunctions2_function_iam_member."
1122
+ },
1123
+ "requiredActions": [
1124
+ "Remove allUsers/allAuthenticatedUsers from the Cloud Function invoker binding; grant specific principals."
1125
+ ]
1126
+ },
1127
+ {
1128
+ "ruleId": "GCP_COMPUTE_NO_DEFAULT_SA_FULL_SCOPE",
1129
+ "threat": "An instance running as the default Compute Engine service account with the cloud-platform scope grants any code on the VM full API access to the project. A single RCE becomes total project compromise.",
1130
+ "frameworks": [
1131
+ "CIS GCP Foundations Benchmark 4.1"
1132
+ ],
1133
+ "severity": "HIGH",
1134
+ "title": "Do not grant the cloud-platform scope to Compute instances",
1135
+ "detect": {
1136
+ "target": "terraform",
1137
+ "resourceType": "google_compute_instance",
1138
+ "forbid": "scopes\\s*=\\s*\\[[^\\]]*cloud-platform"
1139
+ },
1140
+ "remediate": {
1141
+ "strategy": "manual",
1142
+ "snippet": "Attach a dedicated least-privilege service account and replace the broad cloud-platform scope with narrowly scoped OAuth scopes (or rely on IAM roles)."
1143
+ },
1144
+ "requiredActions": [
1145
+ "Replace the cloud-platform scope on the instance service_account block with the minimal scopes the workload needs."
1146
+ ]
1147
+ },
1148
+ {
1149
+ "ruleId": "GCP_COMPUTE_INTEGRITY_MONITORING",
1150
+ "threat": "Without integrity monitoring a rootkit or bootkit altering the VM boot sequence goes undetected, letting an attacker persist beneath the OS.",
1151
+ "frameworks": [
1152
+ "CIS GCP Foundations Benchmark 4.8"
1153
+ ],
1154
+ "severity": "MEDIUM",
1155
+ "title": "Enable Shielded VM integrity monitoring",
1156
+ "detect": {
1157
+ "target": "terraform",
1158
+ "resourceType": "google_compute_instance",
1159
+ "require": "enable_integrity_monitoring\\s*=\\s*true"
1160
+ },
1161
+ "remediate": {
1162
+ "strategy": "set-attr",
1163
+ "ensure": {
1164
+ "shielded_instance_config.enable_integrity_monitoring": "true"
1165
+ }
1166
+ },
1167
+ "requiredActions": [
1168
+ "Set shielded_instance_config.enable_integrity_monitoring = true on the instance."
1169
+ ]
1170
+ },
1171
+ {
1172
+ "ruleId": "GCP_COMPUTE_NO_PROJECT_SSH_KEYS_METADATA",
1173
+ "threat": "Adding SSH keys directly in instance metadata bypasses OS Login's IAM-based access control and audit logging, letting stale or shared keys grant lingering shell access.",
1174
+ "frameworks": [
1175
+ "CIS GCP Foundations Benchmark 4.3"
1176
+ ],
1177
+ "severity": "MEDIUM",
1178
+ "title": "Manage SSH access via OS Login, not metadata ssh-keys",
1179
+ "detect": {
1180
+ "target": "terraform",
1181
+ "resourceType": "google_compute_instance",
1182
+ "forbid": "ssh-keys\\s*="
1183
+ },
1184
+ "remediate": {
1185
+ "strategy": "manual",
1186
+ "snippet": "Remove the ssh-keys metadata entry and enable OS Login (enable-oslogin = TRUE) so access is governed by IAM."
1187
+ },
1188
+ "requiredActions": [
1189
+ "Remove ssh-keys from instance metadata and rely on OS Login for SSH access."
1190
+ ]
1191
+ },
1192
+ {
1193
+ "ruleId": "GCP_COMPUTE_DELETION_PROTECTION",
1194
+ "threat": "Without deletion protection an attacker or accidental Terraform run can destroy a production instance, causing data loss and outage.",
1195
+ "frameworks": [
1196
+ "CIS GCP Foundations Benchmark 4.x"
1197
+ ],
1198
+ "severity": "LOW",
1199
+ "title": "Enable deletion protection on Compute instances",
1200
+ "detect": {
1201
+ "target": "terraform",
1202
+ "resourceType": "google_compute_instance",
1203
+ "require": "deletion_protection\\s*=\\s*true"
1204
+ },
1205
+ "remediate": {
1206
+ "strategy": "set-attr",
1207
+ "ensure": {
1208
+ "deletion_protection": "true"
1209
+ }
1210
+ },
1211
+ "requiredActions": [
1212
+ "Set deletion_protection = true on the instance."
1213
+ ]
1214
+ },
1215
+ {
1216
+ "ruleId": "GCP_FIREWALL_NO_OPEN_RDP",
1217
+ "threat": "A firewall rule allowing 3389/tcp from 0.0.0.0/0 exposes RDP to the internet, inviting brute-force and BlueKeep-style exploitation.",
1218
+ "frameworks": [
1219
+ "CIS GCP Foundations Benchmark 3.7"
1220
+ ],
1221
+ "severity": "HIGH",
1222
+ "title": "Do not expose RDP (3389) to the internet",
1223
+ "detect": {
1224
+ "target": "terraform",
1225
+ "resourceType": "google_compute_firewall",
1226
+ "forbid": "\"3389\""
1227
+ },
1228
+ "remediate": {
1229
+ "strategy": "manual",
1230
+ "snippet": "Restrict source_ranges to trusted CIDRs or use IAP TCP forwarding instead of opening 3389 to 0.0.0.0/0."
1231
+ },
1232
+ "requiredActions": [
1233
+ "Restrict the RDP firewall rule source_ranges to known administrative IPs or remove port 3389."
1234
+ ]
1235
+ },
1236
+ {
1237
+ "ruleId": "GCP_FIREWALL_LOGGING_ENABLED",
1238
+ "threat": "Firewall rules without logging leave no record of allowed or denied connections, blinding incident responders to lateral movement and exfiltration attempts.",
1239
+ "frameworks": [
1240
+ "CIS GCP Foundations Benchmark 3.x"
1241
+ ],
1242
+ "severity": "MEDIUM",
1243
+ "title": "Enable logging on firewall rules",
1244
+ "detect": {
1245
+ "target": "terraform",
1246
+ "resourceType": "google_compute_firewall",
1247
+ "require": "log_config\\s*\\{"
1248
+ },
1249
+ "remediate": {
1250
+ "strategy": "manual",
1251
+ "snippet": "Add a log_config block with metadata = \"INCLUDE_ALL_METADATA\" to the firewall rule."
1252
+ },
1253
+ "requiredActions": [
1254
+ "Add a log_config block to the firewall rule to enable connection logging."
1255
+ ]
1256
+ },
1257
+ {
1258
+ "ruleId": "GCP_FIREWALL_NO_BROAD_EGRESS",
1259
+ "threat": "An egress allow rule to 0.0.0.0/0 lets a compromised instance exfiltrate data and reach command-and-control servers anywhere on the internet.",
1260
+ "frameworks": [
1261
+ "CIS GCP Foundations Benchmark 3.x"
1262
+ ],
1263
+ "severity": "MEDIUM",
1264
+ "title": "Restrict unrestricted egress firewall rules",
1265
+ "detect": {
1266
+ "target": "terraform",
1267
+ "resourceType": "google_compute_firewall",
1268
+ "forbid": "direction\\s*=\\s*\"EGRESS\"[\\s\\S]*0\\.0\\.0\\.0/0"
1269
+ },
1270
+ "remediate": {
1271
+ "strategy": "manual",
1272
+ "snippet": "Scope egress destination_ranges to required destinations rather than 0.0.0.0/0."
1273
+ },
1274
+ "requiredActions": [
1275
+ "Limit the egress firewall rule destination_ranges to required CIDRs."
1276
+ ]
1277
+ },
1278
+ {
1279
+ "ruleId": "GCP_SUBNETWORK_PRIVATE_GOOGLE_ACCESS",
1280
+ "threat": "Without Private Google Access, VMs without external IPs cannot reach Google APIs privately, pushing operators to attach public IPs and widening the attack surface.",
1281
+ "frameworks": [
1282
+ "CIS GCP Foundations Benchmark 3.x"
1283
+ ],
1284
+ "severity": "LOW",
1285
+ "title": "Enable Private Google Access on subnets",
1286
+ "detect": {
1287
+ "target": "terraform",
1288
+ "resourceType": "google_compute_subnetwork",
1289
+ "require": "private_ip_google_access\\s*=\\s*true"
1290
+ },
1291
+ "remediate": {
1292
+ "strategy": "set-attr",
1293
+ "ensure": {
1294
+ "private_ip_google_access": "true"
1295
+ }
1296
+ },
1297
+ "requiredActions": [
1298
+ "Set private_ip_google_access = true on the subnetwork."
1299
+ ]
1300
+ },
1301
+ {
1302
+ "ruleId": "GCP_SSL_POLICY_MODERN_OR_RESTRICTED",
1303
+ "threat": "A COMPATIBLE or custom SSL policy permits weak ciphers and old TLS, enabling downgrade and decryption attacks against traffic to load balancers.",
1304
+ "frameworks": [
1305
+ "CIS GCP Foundations Benchmark 3.x"
1306
+ ],
1307
+ "severity": "MEDIUM",
1308
+ "title": "Use a MODERN or RESTRICTED SSL policy profile",
1309
+ "detect": {
1310
+ "target": "terraform",
1311
+ "resourceType": "google_compute_ssl_policy",
1312
+ "forbid": "profile\\s*=\\s*\"COMPATIBLE\""
1313
+ },
1314
+ "remediate": {
1315
+ "strategy": "set-attr",
1316
+ "ensure": {
1317
+ "profile": "\"RESTRICTED\""
1318
+ }
1319
+ },
1320
+ "requiredActions": [
1321
+ "Set the SSL policy profile to MODERN or RESTRICTED."
1322
+ ]
1323
+ },
1324
+ {
1325
+ "ruleId": "GCP_SSL_POLICY_MIN_TLS_12",
1326
+ "threat": "An SSL policy allowing TLS 1.0/1.1 leaves load-balanced services open to POODLE, BEAST, and protocol-downgrade attacks.",
1327
+ "frameworks": [
1328
+ "CIS GCP Foundations Benchmark 3.x"
1329
+ ],
1330
+ "severity": "MEDIUM",
1331
+ "title": "Require a minimum TLS version of 1.2 on SSL policies",
1332
+ "detect": {
1333
+ "target": "terraform",
1334
+ "resourceType": "google_compute_ssl_policy",
1335
+ "forbid": "min_tls_version\\s*=\\s*\"TLS_1_0\""
1336
+ },
1337
+ "remediate": {
1338
+ "strategy": "set-attr",
1339
+ "ensure": {
1340
+ "min_tls_version": "\"TLS_1_2\""
1341
+ }
1342
+ },
1343
+ "requiredActions": [
1344
+ "Set min_tls_version = \"TLS_1_2\" on the SSL policy."
1345
+ ]
1346
+ },
1347
+ {
1348
+ "ruleId": "GCP_TARGET_HTTPS_PROXY_SSL_POLICY",
1349
+ "threat": "A target HTTPS proxy without an attached SSL policy falls back to permissive defaults, allowing weak TLS negotiation with clients.",
1350
+ "frameworks": [
1351
+ "CIS GCP Foundations Benchmark 3.x"
1352
+ ],
1353
+ "severity": "MEDIUM",
1354
+ "title": "Attach an SSL policy to target HTTPS proxies",
1355
+ "detect": {
1356
+ "target": "terraform",
1357
+ "resourceType": "google_compute_target_https_proxy",
1358
+ "require": "ssl_policy\\s*="
1359
+ },
1360
+ "remediate": {
1361
+ "strategy": "manual",
1362
+ "snippet": "Reference a hardened google_compute_ssl_policy via the ssl_policy argument."
1363
+ },
1364
+ "requiredActions": [
1365
+ "Set ssl_policy on the target HTTPS proxy to a MODERN/RESTRICTED policy."
1366
+ ]
1367
+ },
1368
+ {
1369
+ "ruleId": "GCP_BACKEND_SERVICE_CLOUD_ARMOR",
1370
+ "threat": "A backend service without a Cloud Armor security policy has no WAF or DDoS layer, leaving applications exposed to L7 floods and injection attacks.",
1371
+ "frameworks": [
1372
+ "CIS GCP Foundations Benchmark 3.x"
1373
+ ],
1374
+ "severity": "MEDIUM",
1375
+ "title": "Attach a Cloud Armor security policy to backend services",
1376
+ "detect": {
1377
+ "target": "terraform",
1378
+ "resourceType": "google_compute_backend_service",
1379
+ "require": "security_policy\\s*="
1380
+ },
1381
+ "remediate": {
1382
+ "strategy": "manual",
1383
+ "snippet": "Reference a google_compute_security_policy via the security_policy argument."
1384
+ },
1385
+ "requiredActions": [
1386
+ "Set security_policy on the backend service to a Cloud Armor policy."
1387
+ ]
1388
+ },
1389
+ {
1390
+ "ruleId": "GCP_BACKEND_SERVICE_LOGGING",
1391
+ "threat": "Backend services without logging provide no visibility into request patterns, hampering detection of scraping, abuse, and exploitation.",
1392
+ "frameworks": [
1393
+ "CIS GCP Foundations Benchmark 3.x"
1394
+ ],
1395
+ "severity": "LOW",
1396
+ "title": "Enable logging on backend services",
1397
+ "detect": {
1398
+ "target": "terraform",
1399
+ "resourceType": "google_compute_backend_service",
1400
+ "require": "log_config\\s*\\{"
1401
+ },
1402
+ "remediate": {
1403
+ "strategy": "manual",
1404
+ "snippet": "Add a log_config block with enable = true and an appropriate sample_rate."
1405
+ },
1406
+ "requiredActions": [
1407
+ "Add a log_config block with enable = true to the backend service."
1408
+ ]
1409
+ },
1410
+ {
1411
+ "ruleId": "GCP_ROUTER_NAT_LOGGING",
1412
+ "threat": "Cloud NAT without logging hides outbound connections from compromised instances, eliminating a key exfiltration and C2 detection signal.",
1413
+ "frameworks": [
1414
+ "CIS GCP Foundations Benchmark 3.x"
1415
+ ],
1416
+ "severity": "LOW",
1417
+ "title": "Enable Cloud NAT logging",
1418
+ "detect": {
1419
+ "target": "terraform",
1420
+ "resourceType": "google_compute_router_nat",
1421
+ "require": "log_config\\s*\\{"
1422
+ },
1423
+ "remediate": {
1424
+ "strategy": "manual",
1425
+ "snippet": "Add a log_config block with enable = true and filter = \"ALL\"."
1426
+ },
1427
+ "requiredActions": [
1428
+ "Add a log_config block to the Cloud NAT with enable = true."
1429
+ ]
1430
+ },
1431
+ {
1432
+ "ruleId": "GCP_DNS_POLICY_LOGGING",
1433
+ "threat": "DNS policies without query logging miss the DNS-based exfiltration and tunneling signals that often reveal compromised workloads.",
1434
+ "frameworks": [
1435
+ "CIS GCP Foundations Benchmark 2.12"
1436
+ ],
1437
+ "severity": "LOW",
1438
+ "title": "Enable DNS query logging on DNS policies",
1439
+ "detect": {
1440
+ "target": "terraform",
1441
+ "resourceType": "google_dns_policy",
1442
+ "require": "enable_logging\\s*=\\s*true"
1443
+ },
1444
+ "remediate": {
1445
+ "strategy": "set-attr",
1446
+ "ensure": {
1447
+ "enable_logging": "true"
1448
+ }
1449
+ },
1450
+ "requiredActions": [
1451
+ "Set enable_logging = true on the DNS policy."
1452
+ ]
1453
+ },
1454
+ {
1455
+ "ruleId": "GCP_GKE_LOGGING_SERVICE",
1456
+ "threat": "A GKE cluster with logging disabled loses audit and container logs, blinding responders to in-cluster attacks and lateral movement.",
1457
+ "frameworks": [
1458
+ "CIS GCP Foundations Benchmark 7.x"
1459
+ ],
1460
+ "severity": "MEDIUM",
1461
+ "title": "Enable Cloud Logging on GKE clusters",
1462
+ "detect": {
1463
+ "target": "terraform",
1464
+ "resourceType": "google_container_cluster",
1465
+ "forbid": "logging_service\\s*=\\s*\"none\""
1466
+ },
1467
+ "remediate": {
1468
+ "strategy": "set-attr",
1469
+ "ensure": {
1470
+ "logging_service": "\"logging.googleapis.com/kubernetes\""
1471
+ }
1472
+ },
1473
+ "requiredActions": [
1474
+ "Set logging_service to logging.googleapis.com/kubernetes (or configure logging_config)."
1475
+ ]
1476
+ },
1477
+ {
1478
+ "ruleId": "GCP_GKE_MONITORING_SERVICE",
1479
+ "threat": "Disabling GKE monitoring removes metric-based anomaly detection, letting cryptominers and runaway compromised pods go unnoticed.",
1480
+ "frameworks": [
1481
+ "CIS GCP Foundations Benchmark 7.x"
1482
+ ],
1483
+ "severity": "LOW",
1484
+ "title": "Enable Cloud Monitoring on GKE clusters",
1485
+ "detect": {
1486
+ "target": "terraform",
1487
+ "resourceType": "google_container_cluster",
1488
+ "forbid": "monitoring_service\\s*=\\s*\"none\""
1489
+ },
1490
+ "remediate": {
1491
+ "strategy": "set-attr",
1492
+ "ensure": {
1493
+ "monitoring_service": "\"monitoring.googleapis.com/kubernetes\""
1494
+ }
1495
+ },
1496
+ "requiredActions": [
1497
+ "Set monitoring_service to monitoring.googleapis.com/kubernetes (or configure monitoring_config)."
1498
+ ]
1499
+ },
1500
+ {
1501
+ "ruleId": "GCP_GKE_CONFIDENTIAL_NODES",
1502
+ "threat": "Without Confidential GKE nodes, in-memory data is unencrypted and readable by a host-level attacker or malicious insider with hypervisor access.",
1503
+ "frameworks": [
1504
+ "CIS GCP Foundations Benchmark 7.x"
1505
+ ],
1506
+ "severity": "MEDIUM",
1507
+ "title": "Enable Confidential Nodes on GKE clusters",
1508
+ "detect": {
1509
+ "target": "terraform",
1510
+ "resourceType": "google_container_cluster",
1511
+ "require": "confidential_nodes\\s*\\{[^}]*enabled\\s*=\\s*true"
1512
+ },
1513
+ "remediate": {
1514
+ "strategy": "manual",
1515
+ "snippet": "Add a confidential_nodes block with enabled = true (requires N2D/C2D machine types)."
1516
+ },
1517
+ "requiredActions": [
1518
+ "Add confidential_nodes { enabled = true } to the cluster."
1519
+ ]
1520
+ },
1521
+ {
1522
+ "ruleId": "GCP_GKE_SECURITY_POSTURE",
1523
+ "threat": "Without security posture scanning, GKE workload misconfigurations and known-vulnerable images deploy unflagged, expanding the cluster attack surface.",
1524
+ "frameworks": [
1525
+ "CIS GCP Foundations Benchmark 7.x"
1526
+ ],
1527
+ "severity": "LOW",
1528
+ "title": "Enable GKE security posture config",
1529
+ "detect": {
1530
+ "target": "terraform",
1531
+ "resourceType": "google_container_cluster",
1532
+ "require": "security_posture_config\\s*\\{"
1533
+ },
1534
+ "remediate": {
1535
+ "strategy": "manual",
1536
+ "snippet": "Add a security_posture_config block with mode = \"BASIC\" and vulnerability_mode set."
1537
+ },
1538
+ "requiredActions": [
1539
+ "Add a security_posture_config block to the cluster."
1540
+ ]
1541
+ },
1542
+ {
1543
+ "ruleId": "GCP_GKE_NODE_WORKLOAD_METADATA_GKE",
1544
+ "threat": "Node pools exposing the legacy metadata endpoints let a compromised pod read the node's service-account token and bootstrap credentials, escalating to cluster takeover.",
1545
+ "frameworks": [
1546
+ "CIS GCP Foundations Benchmark 7.x"
1547
+ ],
1548
+ "severity": "HIGH",
1549
+ "title": "Use GKE_METADATA workload metadata mode on node pools",
1550
+ "detect": {
1551
+ "target": "terraform",
1552
+ "resourceType": "google_container_node_pool",
1553
+ "require": "mode\\s*=\\s*\"GKE_METADATA\""
1554
+ },
1555
+ "remediate": {
1556
+ "strategy": "manual",
1557
+ "snippet": "Set workload_metadata_config { mode = \"GKE_METADATA\" } so Workload Identity shields the node metadata server."
1558
+ },
1559
+ "requiredActions": [
1560
+ "Set workload_metadata_config mode to GKE_METADATA on the node pool."
1561
+ ]
1562
+ },
1563
+ {
1564
+ "ruleId": "GCP_GKE_NODE_GVISOR_SANDBOX",
1565
+ "threat": "Untrusted workloads on a node pool without gVisor share the host kernel, so a container-escape exploit reaches the node and other tenants.",
1566
+ "frameworks": [
1567
+ "CIS GCP Foundations Benchmark 7.x"
1568
+ ],
1569
+ "severity": "LOW",
1570
+ "title": "Enable gVisor sandboxing for untrusted node pools",
1571
+ "detect": {
1572
+ "target": "terraform",
1573
+ "resourceType": "google_container_node_pool",
1574
+ "require": "sandbox_config\\s*\\{[^}]*sandbox_type\\s*=\\s*\"gvisor\""
1575
+ },
1576
+ "remediate": {
1577
+ "strategy": "manual",
1578
+ "snippet": "Add sandbox_config { sandbox_type = \"gvisor\" } for node pools running untrusted code."
1579
+ },
1580
+ "requiredActions": [
1581
+ "Add sandbox_config { sandbox_type = \"gvisor\" } to node pools running untrusted workloads."
1582
+ ]
1583
+ },
1584
+ {
1585
+ "ruleId": "GCP_GKE_NODE_INTEGRITY_MONITORING",
1586
+ "threat": "GKE nodes without integrity monitoring cannot detect boot-level tampering, allowing a node rootkit to persist and harvest secrets.",
1587
+ "frameworks": [
1588
+ "CIS GCP Foundations Benchmark 7.x"
1589
+ ],
1590
+ "severity": "MEDIUM",
1591
+ "title": "Enable integrity monitoring on GKE node pools",
1592
+ "detect": {
1593
+ "target": "terraform",
1594
+ "resourceType": "google_container_node_pool",
1595
+ "require": "enable_integrity_monitoring\\s*=\\s*true"
1596
+ },
1597
+ "remediate": {
1598
+ "strategy": "set-attr",
1599
+ "ensure": {
1600
+ "shielded_instance_config.enable_integrity_monitoring": "true"
1601
+ }
1602
+ },
1603
+ "requiredActions": [
1604
+ "Set shielded_instance_config.enable_integrity_monitoring = true on the node pool."
1605
+ ]
1606
+ },
1607
+ {
1608
+ "ruleId": "GCP_GKE_NODE_NO_DEFAULT_SA",
1609
+ "threat": "Node pools using the default Compute service account inherit broad project permissions, so a single pod compromise can pivot across the project.",
1610
+ "frameworks": [
1611
+ "CIS GCP Foundations Benchmark 7.17"
1612
+ ],
1613
+ "severity": "HIGH",
1614
+ "title": "Assign a dedicated least-privilege service account to node pools",
1615
+ "detect": {
1616
+ "target": "terraform",
1617
+ "resourceType": "google_container_node_pool",
1618
+ "require": "service_account\\s*="
1619
+ },
1620
+ "remediate": {
1621
+ "strategy": "manual",
1622
+ "snippet": "Set node_config.service_account to a custom least-privilege service account instead of the default."
1623
+ },
1624
+ "requiredActions": [
1625
+ "Set a dedicated minimal service_account in the node pool node_config."
1626
+ ]
1627
+ },
1628
+ {
1629
+ "ruleId": "GCP_SQL_LOG_CONNECTIONS",
1630
+ "threat": "Without log_connections, successful and failed Postgres logins are unrecorded, removing the audit trail needed to spot credential-stuffing and unauthorized access.",
1631
+ "frameworks": [
1632
+ "CIS GCP Foundations Benchmark 6.2.x"
1633
+ ],
1634
+ "severity": "LOW",
1635
+ "title": "Enable Postgres log_connections on Cloud SQL",
1636
+ "detect": {
1637
+ "target": "terraform",
1638
+ "resourceType": "google_sql_database_instance",
1639
+ "require": "name\\s*=\\s*\"log_connections\"[\\s\\S]*value\\s*=\\s*\"on\""
1640
+ },
1641
+ "remediate": {
1642
+ "strategy": "manual",
1643
+ "snippet": "Add a database_flags block { name = \"log_connections\" value = \"on\" }."
1644
+ },
1645
+ "requiredActions": [
1646
+ "Add the log_connections=on database flag to the Cloud SQL instance."
1647
+ ]
1648
+ },
1649
+ {
1650
+ "ruleId": "GCP_SQL_LOG_DISCONNECTIONS",
1651
+ "threat": "Without log_disconnections, session end times are missing, making it hard to reconstruct an attacker's session duration during incident response.",
1652
+ "frameworks": [
1653
+ "CIS GCP Foundations Benchmark 6.2.x"
1654
+ ],
1655
+ "severity": "LOW",
1656
+ "title": "Enable Postgres log_disconnections on Cloud SQL",
1657
+ "detect": {
1658
+ "target": "terraform",
1659
+ "resourceType": "google_sql_database_instance",
1660
+ "require": "name\\s*=\\s*\"log_disconnections\"[\\s\\S]*value\\s*=\\s*\"on\""
1661
+ },
1662
+ "remediate": {
1663
+ "strategy": "manual",
1664
+ "snippet": "Add a database_flags block { name = \"log_disconnections\" value = \"on\" }."
1665
+ },
1666
+ "requiredActions": [
1667
+ "Add the log_disconnections=on database flag to the Cloud SQL instance."
1668
+ ]
1669
+ },
1670
+ {
1671
+ "ruleId": "GCP_SQL_LOG_CHECKPOINTS",
1672
+ "threat": "Disabled log_checkpoints reduces operational forensic data, weakening the ability to correlate database activity during an investigation.",
1673
+ "frameworks": [
1674
+ "CIS GCP Foundations Benchmark 6.2.x"
1675
+ ],
1676
+ "severity": "LOW",
1677
+ "title": "Enable Postgres log_checkpoints on Cloud SQL",
1678
+ "detect": {
1679
+ "target": "terraform",
1680
+ "resourceType": "google_sql_database_instance",
1681
+ "require": "name\\s*=\\s*\"log_checkpoints\"[\\s\\S]*value\\s*=\\s*\"on\""
1682
+ },
1683
+ "remediate": {
1684
+ "strategy": "manual",
1685
+ "snippet": "Add a database_flags block { name = \"log_checkpoints\" value = \"on\" }."
1686
+ },
1687
+ "requiredActions": [
1688
+ "Add the log_checkpoints=on database flag to the Cloud SQL instance."
1689
+ ]
1690
+ },
1691
+ {
1692
+ "ruleId": "GCP_SQL_LOG_LOCK_WAITS",
1693
+ "threat": "Without log_lock_waits, lock contention from injection-driven or abusive queries goes unlogged, masking denial-of-service patterns.",
1694
+ "frameworks": [
1695
+ "CIS GCP Foundations Benchmark 6.2.x"
1696
+ ],
1697
+ "severity": "LOW",
1698
+ "title": "Enable Postgres log_lock_waits on Cloud SQL",
1699
+ "detect": {
1700
+ "target": "terraform",
1701
+ "resourceType": "google_sql_database_instance",
1702
+ "require": "name\\s*=\\s*\"log_lock_waits\"[\\s\\S]*value\\s*=\\s*\"on\""
1703
+ },
1704
+ "remediate": {
1705
+ "strategy": "manual",
1706
+ "snippet": "Add a database_flags block { name = \"log_lock_waits\" value = \"on\" }."
1707
+ },
1708
+ "requiredActions": [
1709
+ "Add the log_lock_waits=on database flag to the Cloud SQL instance."
1710
+ ]
1711
+ },
1712
+ {
1713
+ "ruleId": "GCP_SQL_LOG_MIN_MESSAGES",
1714
+ "threat": "An overly permissive log_min_messages setting can suppress warning-level events that reveal probing or misuse of the database.",
1715
+ "frameworks": [
1716
+ "CIS GCP Foundations Benchmark 6.2.x"
1717
+ ],
1718
+ "severity": "LOW",
1719
+ "title": "Set Postgres log_min_messages appropriately on Cloud SQL",
1720
+ "detect": {
1721
+ "target": "terraform",
1722
+ "resourceType": "google_sql_database_instance",
1723
+ "require": "name\\s*=\\s*\"log_min_messages\""
1724
+ },
1725
+ "remediate": {
1726
+ "strategy": "manual",
1727
+ "snippet": "Add a database_flags block { name = \"log_min_messages\" value = \"warning\" } or stricter."
1728
+ },
1729
+ "requiredActions": [
1730
+ "Add the log_min_messages database flag set to warning or stricter."
1731
+ ]
1732
+ },
1733
+ {
1734
+ "ruleId": "GCP_SQL_CONTAINED_DB_AUTH_OFF",
1735
+ "threat": "Contained database authentication on SQL Server lets users authenticate without a server login, enabling lateral movement between databases and bypassing central control.",
1736
+ "frameworks": [
1737
+ "CIS GCP Foundations Benchmark 6.3.x"
1738
+ ],
1739
+ "severity": "MEDIUM",
1740
+ "title": "Disable contained database authentication on Cloud SQL Server",
1741
+ "detect": {
1742
+ "target": "terraform",
1743
+ "resourceType": "google_sql_database_instance",
1744
+ "forbid": "name\\s*=\\s*\"contained database authentication\"[\\s\\S]*value\\s*=\\s*\"on\""
1745
+ },
1746
+ "remediate": {
1747
+ "strategy": "manual",
1748
+ "snippet": "Set the 'contained database authentication' database flag to off."
1749
+ },
1750
+ "requiredActions": [
1751
+ "Set the 'contained database authentication' flag to off on the SQL Server instance."
1752
+ ]
1753
+ },
1754
+ {
1755
+ "ruleId": "GCP_SQL_CROSS_DB_OWNERSHIP_OFF",
1756
+ "threat": "Cross db ownership chaining lets an attacker who controls one database escalate privileges into others sharing an owner, breaking database isolation.",
1757
+ "frameworks": [
1758
+ "CIS GCP Foundations Benchmark 6.3.x"
1759
+ ],
1760
+ "severity": "MEDIUM",
1761
+ "title": "Disable cross db ownership chaining on Cloud SQL Server",
1762
+ "detect": {
1763
+ "target": "terraform",
1764
+ "resourceType": "google_sql_database_instance",
1765
+ "forbid": "name\\s*=\\s*\"cross db ownership chaining\"[\\s\\S]*value\\s*=\\s*\"on\""
1766
+ },
1767
+ "remediate": {
1768
+ "strategy": "manual",
1769
+ "snippet": "Set the 'cross db ownership chaining' database flag to off."
1770
+ },
1771
+ "requiredActions": [
1772
+ "Set the 'cross db ownership chaining' flag to off on the SQL Server instance."
1773
+ ]
1774
+ },
1775
+ {
1776
+ "ruleId": "GCP_SQL_LOCAL_INFILE_OFF",
1777
+ "threat": "MySQL local_infile lets clients read server-side files, which an attacker exploiting SQL injection can abuse to exfiltrate arbitrary files from the host.",
1778
+ "frameworks": [
1779
+ "CIS GCP Foundations Benchmark 6.1.x"
1780
+ ],
1781
+ "severity": "MEDIUM",
1782
+ "title": "Disable local_infile on Cloud SQL MySQL",
1783
+ "detect": {
1784
+ "target": "terraform",
1785
+ "resourceType": "google_sql_database_instance",
1786
+ "forbid": "name\\s*=\\s*\"local_infile\"[\\s\\S]*value\\s*=\\s*\"on\""
1787
+ },
1788
+ "remediate": {
1789
+ "strategy": "manual",
1790
+ "snippet": "Set the local_infile database flag to off."
1791
+ },
1792
+ "requiredActions": [
1793
+ "Set the local_infile flag to off on the MySQL instance."
1794
+ ]
1795
+ },
1796
+ {
1797
+ "ruleId": "GCP_SQL_SKIP_SHOW_DATABASE_ON",
1798
+ "threat": "Without skip_show_database, any MySQL user can enumerate all database names, giving an attacker a map of targets for further compromise.",
1799
+ "frameworks": [
1800
+ "CIS GCP Foundations Benchmark 6.1.x"
1801
+ ],
1802
+ "severity": "LOW",
1803
+ "title": "Enable skip_show_database on Cloud SQL MySQL",
1804
+ "detect": {
1805
+ "target": "terraform",
1806
+ "resourceType": "google_sql_database_instance",
1807
+ "require": "name\\s*=\\s*\"skip_show_database\"[\\s\\S]*value\\s*=\\s*\"on\""
1808
+ },
1809
+ "remediate": {
1810
+ "strategy": "manual",
1811
+ "snippet": "Add a database_flags block { name = \"skip_show_database\" value = \"on\" }."
1812
+ },
1813
+ "requiredActions": [
1814
+ "Add the skip_show_database=on database flag to the MySQL instance."
1815
+ ]
1816
+ },
1817
+ {
1818
+ "ruleId": "GCP_SQL_NO_DELETE_PROTECTION_DISABLED",
1819
+ "threat": "With deletion protection off, an attacker with API access or an errant Terraform apply can permanently destroy the production database.",
1820
+ "frameworks": [
1821
+ "CIS GCP Foundations Benchmark 6.x"
1822
+ ],
1823
+ "severity": "MEDIUM",
1824
+ "title": "Enable deletion protection on Cloud SQL instances",
1825
+ "detect": {
1826
+ "target": "terraform",
1827
+ "resourceType": "google_sql_database_instance",
1828
+ "require": "deletion_protection\\s*=\\s*true"
1829
+ },
1830
+ "remediate": {
1831
+ "strategy": "set-attr",
1832
+ "ensure": {
1833
+ "deletion_protection": "true"
1834
+ }
1835
+ },
1836
+ "requiredActions": [
1837
+ "Set deletion_protection = true on the Cloud SQL instance."
1838
+ ]
1839
+ },
1840
+ {
1841
+ "ruleId": "GCP_STORAGE_RETENTION_POLICY",
1842
+ "threat": "Buckets without a retention policy allow an attacker who gains write access to overwrite or delete objects, defeating ransomware recovery and tamper-evidence.",
1843
+ "frameworks": [
1844
+ "CIS GCP Foundations Benchmark 5.x"
1845
+ ],
1846
+ "severity": "LOW",
1847
+ "title": "Configure a retention policy on storage buckets",
1848
+ "detect": {
1849
+ "target": "terraform",
1850
+ "resourceType": "google_storage_bucket",
1851
+ "require": "retention_policy\\s*\\{"
1852
+ },
1853
+ "remediate": {
1854
+ "strategy": "manual",
1855
+ "snippet": "Add a retention_policy block with an appropriate retention_period for immutable data."
1856
+ },
1857
+ "requiredActions": [
1858
+ "Add a retention_policy block to the bucket where immutability is required."
1859
+ ]
1860
+ },
1861
+ {
1862
+ "ruleId": "GCP_KMS_CRYPTO_KEY_HSM",
1863
+ "threat": "Software-protected KMS keys are more exposed than HSM-backed keys; an attacker with sufficient access has a larger window to extract or misuse high-value keys.",
1864
+ "frameworks": [
1865
+ "CIS GCP Foundations Benchmark 1.x"
1866
+ ],
1867
+ "severity": "LOW",
1868
+ "title": "Use HSM protection level for sensitive KMS keys",
1869
+ "detect": {
1870
+ "target": "terraform",
1871
+ "resourceType": "google_kms_crypto_key",
1872
+ "require": "protection_level\\s*=\\s*\"HSM\""
1873
+ },
1874
+ "remediate": {
1875
+ "strategy": "manual",
1876
+ "snippet": "Set version_template { protection_level = \"HSM\" } for high-value keys."
1877
+ },
1878
+ "requiredActions": [
1879
+ "Set protection_level = \"HSM\" in the key's version_template for sensitive keys."
1880
+ ]
1881
+ },
1882
+ {
1883
+ "ruleId": "GCP_KMS_CRYPTO_KEY_DESTROY_DURATION",
1884
+ "threat": "A short destroy_scheduled_duration shrinks the recovery window, so an attacker who initiates key destruction can render data unrecoverable before defenders react.",
1885
+ "frameworks": [
1886
+ "CIS GCP Foundations Benchmark 1.x"
1887
+ ],
1888
+ "severity": "LOW",
1889
+ "title": "Set an adequate destroy scheduled duration on KMS keys",
1890
+ "detect": {
1891
+ "target": "terraform",
1892
+ "resourceType": "google_kms_crypto_key",
1893
+ "require": "destroy_scheduled_duration\\s*="
1894
+ },
1895
+ "remediate": {
1896
+ "strategy": "manual",
1897
+ "snippet": "Set destroy_scheduled_duration to at least 86400s (24h) to retain a recovery window."
1898
+ },
1899
+ "requiredActions": [
1900
+ "Set destroy_scheduled_duration to an adequate value (e.g. 86400s) on the crypto key."
1901
+ ]
1902
+ },
1903
+ {
1904
+ "ruleId": "GCP_SECRET_MANAGER_ROTATION",
1905
+ "threat": "Secrets without automatic rotation stay valid indefinitely, so a leaked credential remains usable to an attacker long after exposure.",
1906
+ "frameworks": [
1907
+ "CIS GCP Foundations Benchmark 1.x"
1908
+ ],
1909
+ "severity": "MEDIUM",
1910
+ "title": "Configure rotation on Secret Manager secrets",
1911
+ "detect": {
1912
+ "target": "terraform",
1913
+ "resourceType": "google_secret_manager_secret",
1914
+ "require": "rotation\\s*\\{"
1915
+ },
1916
+ "remediate": {
1917
+ "strategy": "manual",
1918
+ "snippet": "Add a rotation block with rotation_period and a topics notification target."
1919
+ },
1920
+ "requiredActions": [
1921
+ "Add a rotation block to the Secret Manager secret."
1922
+ ]
1923
+ },
1924
+ {
1925
+ "ruleId": "GCP_SECRET_MANAGER_EXPIRE_TIME",
1926
+ "threat": "Secrets without an expiry persist forever, increasing the chance an old, leaked secret is still accepted by services.",
1927
+ "frameworks": [
1928
+ "CIS GCP Foundations Benchmark 1.x"
1929
+ ],
1930
+ "severity": "LOW",
1931
+ "title": "Set an expiry on ephemeral Secret Manager secrets",
1932
+ "detect": {
1933
+ "target": "terraform",
1934
+ "resourceType": "google_secret_manager_secret",
1935
+ "require": "expire_time\\s*=|ttl\\s*="
1936
+ },
1937
+ "remediate": {
1938
+ "strategy": "manual",
1939
+ "snippet": "Set expire_time or ttl on short-lived secrets so they auto-expire."
1940
+ },
1941
+ "requiredActions": [
1942
+ "Set expire_time or ttl on ephemeral Secret Manager secrets."
1943
+ ]
1944
+ },
1945
+ {
1946
+ "ruleId": "GCP_PROJECT_AUDIT_DATA_ACCESS_LOGS",
1947
+ "threat": "Without DATA_READ/DATA_WRITE audit logging, reads and writes to sensitive resources go unrecorded, so data exfiltration leaves no trace.",
1948
+ "frameworks": [
1949
+ "CIS GCP Foundations Benchmark 2.1"
1950
+ ],
1951
+ "severity": "MEDIUM",
1952
+ "title": "Enable Data Access audit logging",
1953
+ "detect": {
1954
+ "target": "terraform",
1955
+ "resourceType": "google_project_iam_audit_config",
1956
+ "require": "DATA_READ|DATA_WRITE"
1957
+ },
1958
+ "remediate": {
1959
+ "strategy": "manual",
1960
+ "snippet": "Add audit_log_config blocks for DATA_READ and DATA_WRITE log types covering allServices."
1961
+ },
1962
+ "requiredActions": [
1963
+ "Add DATA_READ and DATA_WRITE audit_log_config blocks to the audit config."
1964
+ ]
1965
+ },
1966
+ {
1967
+ "ruleId": "GCP_PROJECT_AUDIT_NO_EXEMPTED_MEMBERS",
1968
+ "threat": "Exempting members from audit logging creates blind spots an insider or attacker can hide activity behind.",
1969
+ "frameworks": [
1970
+ "CIS GCP Foundations Benchmark 2.1"
1971
+ ],
1972
+ "severity": "MEDIUM",
1973
+ "title": "Do not exempt members from audit logging",
1974
+ "detect": {
1975
+ "target": "terraform",
1976
+ "resourceType": "google_project_iam_audit_config",
1977
+ "forbid": "exempted_members\\s*="
1978
+ },
1979
+ "remediate": {
1980
+ "strategy": "manual",
1981
+ "snippet": "Remove exempted_members so all principals are subject to audit logging."
1982
+ },
1983
+ "requiredActions": [
1984
+ "Remove exempted_members from the audit_log_config blocks."
1985
+ ]
1986
+ },
1987
+ {
1988
+ "ruleId": "GCP_PUBSUB_TOPIC_MESSAGE_RETENTION",
1989
+ "threat": "Topics without message retention cannot replay events for forensic review after an incident, losing evidence of malicious or anomalous messages.",
1990
+ "frameworks": [
1991
+ "CIS GCP Foundations Benchmark 1.x"
1992
+ ],
1993
+ "severity": "LOW",
1994
+ "title": "Configure message retention on Pub/Sub topics",
1995
+ "detect": {
1996
+ "target": "terraform",
1997
+ "resourceType": "google_pubsub_topic",
1998
+ "require": "message_retention_duration\\s*="
1999
+ },
2000
+ "remediate": {
2001
+ "strategy": "manual",
2002
+ "snippet": "Set message_retention_duration on the topic to retain messages for replay/forensics."
2003
+ },
2004
+ "requiredActions": [
2005
+ "Set message_retention_duration on the Pub/Sub topic."
2006
+ ]
2007
+ },
2008
+ {
2009
+ "ruleId": "GCP_PUBSUB_SUBSCRIPTION_NOT_PUBLIC",
2010
+ "threat": "Granting allUsers or allAuthenticatedUsers on a subscription lets anyone consume messages, exposing potentially sensitive event data.",
2011
+ "frameworks": [
2012
+ "CIS GCP Foundations Benchmark 1.x"
2013
+ ],
2014
+ "severity": "HIGH",
2015
+ "title": "Do not grant public access to Pub/Sub subscriptions",
2016
+ "detect": {
2017
+ "target": "terraform",
2018
+ "resourceType": "google_pubsub_subscription_iam_member",
2019
+ "forbid": "allUsers|allAuthenticatedUsers"
2020
+ },
2021
+ "remediate": {
2022
+ "strategy": "manual",
2023
+ "snippet": "Replace allUsers/allAuthenticatedUsers with specific service accounts or groups."
2024
+ },
2025
+ "requiredActions": [
2026
+ "Remove allUsers/allAuthenticatedUsers bindings from the subscription IAM member."
2027
+ ]
2028
+ },
2029
+ {
2030
+ "ruleId": "GCP_REDIS_TRANSIT_ENCRYPTION",
2031
+ "threat": "A Memorystore Redis instance without in-transit encryption sends cache data in cleartext, letting a network attacker sniff or tamper with cached secrets and sessions.",
2032
+ "frameworks": [
2033
+ "CIS GCP Foundations Benchmark 1.x"
2034
+ ],
2035
+ "severity": "MEDIUM",
2036
+ "title": "Enable in-transit encryption on Memorystore Redis",
2037
+ "detect": {
2038
+ "target": "terraform",
2039
+ "resourceType": "google_redis_instance",
2040
+ "require": "transit_encryption_mode\\s*=\\s*\"SERVER_AUTHENTICATION\""
2041
+ },
2042
+ "remediate": {
2043
+ "strategy": "set-attr",
2044
+ "ensure": {
2045
+ "transit_encryption_mode": "\"SERVER_AUTHENTICATION\""
2046
+ }
2047
+ },
2048
+ "requiredActions": [
2049
+ "Set transit_encryption_mode = \"SERVER_AUTHENTICATION\" on the Redis instance."
2050
+ ]
2051
+ },
2052
+ {
2053
+ "ruleId": "GCP_REDIS_PRIVATE_SERVICE_ACCESS",
2054
+ "threat": "A Redis instance in DIRECT_PEERING or with a public-facing connect mode is more exposed than one using PRIVATE_SERVICE_ACCESS, widening reachability for attackers.",
2055
+ "frameworks": [
2056
+ "CIS GCP Foundations Benchmark 1.x"
2057
+ ],
2058
+ "severity": "LOW",
2059
+ "title": "Use PRIVATE_SERVICE_ACCESS connect mode for Memorystore Redis",
2060
+ "detect": {
2061
+ "target": "terraform",
2062
+ "resourceType": "google_redis_instance",
2063
+ "require": "connect_mode\\s*=\\s*\"PRIVATE_SERVICE_ACCESS\""
2064
+ },
2065
+ "remediate": {
2066
+ "strategy": "set-attr",
2067
+ "ensure": {
2068
+ "connect_mode": "\"PRIVATE_SERVICE_ACCESS\""
2069
+ }
2070
+ },
2071
+ "requiredActions": [
2072
+ "Set connect_mode = \"PRIVATE_SERVICE_ACCESS\" on the Redis instance."
2073
+ ]
2074
+ },
2075
+ {
2076
+ "ruleId": "GCP_BIGQUERY_TABLE_CMEK",
2077
+ "threat": "BigQuery tables without customer-managed encryption rely solely on Google-managed keys, removing the customer's ability to revoke access by disabling the key during a breach.",
2078
+ "frameworks": [
2079
+ "CIS GCP Foundations Benchmark 7.x"
2080
+ ],
2081
+ "severity": "LOW",
2082
+ "title": "Use CMEK on BigQuery tables",
2083
+ "detect": {
2084
+ "target": "terraform",
2085
+ "resourceType": "google_bigquery_table",
2086
+ "require": "encryption_configuration\\s*\\{"
2087
+ },
2088
+ "remediate": {
2089
+ "strategy": "manual",
2090
+ "snippet": "Add an encryption_configuration block with kms_key_name set to a customer-managed key."
2091
+ },
2092
+ "requiredActions": [
2093
+ "Add encryption_configuration with kms_key_name to the BigQuery table."
2094
+ ]
2095
+ },
2096
+ {
2097
+ "ruleId": "GCP_DATAFLOW_NO_PUBLIC_IP",
2098
+ "threat": "Dataflow workers with public IPs are directly reachable from the internet, exposing the job's processing nodes to network attacks.",
2099
+ "frameworks": [
2100
+ "CIS GCP Foundations Benchmark 4.x"
2101
+ ],
2102
+ "severity": "MEDIUM",
2103
+ "title": "Disable public IPs on Dataflow jobs",
2104
+ "detect": {
2105
+ "target": "terraform",
2106
+ "resourceType": "google_dataflow_job",
2107
+ "require": "ip_configuration\\s*=\\s*\"WORKER_IP_PRIVATE\""
2108
+ },
2109
+ "remediate": {
2110
+ "strategy": "set-attr",
2111
+ "ensure": {
2112
+ "ip_configuration": "\"WORKER_IP_PRIVATE\""
2113
+ }
2114
+ },
2115
+ "requiredActions": [
2116
+ "Set ip_configuration = \"WORKER_IP_PRIVATE\" on the Dataflow job."
2117
+ ]
2118
+ },
2119
+ {
2120
+ "ruleId": "GCP_DATAPROC_SHIELDED_VM",
2121
+ "threat": "Dataproc clusters without Shielded VM config lack secure boot and vTPM protections, exposing cluster nodes to boot-level tampering.",
2122
+ "frameworks": [
2123
+ "CIS GCP Foundations Benchmark 4.x"
2124
+ ],
2125
+ "severity": "LOW",
2126
+ "title": "Enable Shielded VM config on Dataproc clusters",
2127
+ "detect": {
2128
+ "target": "terraform",
2129
+ "resourceType": "google_dataproc_cluster",
2130
+ "require": "shielded_instance_config\\s*\\{"
2131
+ },
2132
+ "remediate": {
2133
+ "strategy": "manual",
2134
+ "snippet": "Add a shielded_instance_config block enabling secure boot, vTPM, and integrity monitoring."
2135
+ },
2136
+ "requiredActions": [
2137
+ "Add a shielded_instance_config block to the Dataproc cluster gce_cluster_config."
2138
+ ]
2139
+ },
2140
+ {
2141
+ "ruleId": "GCP_CLOUDFUNCTIONS_VPC_CONNECTOR",
2142
+ "threat": "A Cloud Function without a VPC connector egresses over the public internet, preventing private routing and exposing outbound traffic to interception.",
2143
+ "frameworks": [
2144
+ "CIS GCP Foundations Benchmark 4.x"
2145
+ ],
2146
+ "severity": "LOW",
2147
+ "title": "Route Cloud Functions egress through a VPC connector",
2148
+ "detect": {
2149
+ "target": "terraform",
2150
+ "resourceType": "google_cloudfunctions_function",
2151
+ "require": "vpc_connector\\s*="
2152
+ },
2153
+ "remediate": {
2154
+ "strategy": "manual",
2155
+ "snippet": "Set vpc_connector to a Serverless VPC Access connector for private egress."
2156
+ },
2157
+ "requiredActions": [
2158
+ "Set vpc_connector on the Cloud Function for private VPC egress."
2159
+ ]
2160
+ },
2161
+ {
2162
+ "ruleId": "GCP_CLOUDFUNCTIONS_NO_PUBLIC_INVOKER",
2163
+ "threat": "Granting allUsers the invoker role on a 1st-gen Cloud Function makes it publicly invocable, exposing the function logic and any downstream access to anyone.",
2164
+ "frameworks": [
2165
+ "CIS GCP Foundations Benchmark 4.x"
2166
+ ],
2167
+ "severity": "HIGH",
2168
+ "title": "Do not allow public invocation of Cloud Functions",
2169
+ "detect": {
2170
+ "target": "terraform",
2171
+ "resourceType": "google_cloudfunctions_function_iam_member",
2172
+ "forbid": "allUsers|allAuthenticatedUsers"
2173
+ },
2174
+ "remediate": {
2175
+ "strategy": "manual",
2176
+ "snippet": "Replace allUsers/allAuthenticatedUsers with specific authenticated principals."
2177
+ },
2178
+ "requiredActions": [
2179
+ "Remove allUsers/allAuthenticatedUsers from the function invoker IAM member."
2180
+ ]
2181
+ },
2182
+ {
2183
+ "ruleId": "GCP_STORAGE_BUCKET_IAM_NOT_PUBLIC",
2184
+ "threat": "Binding allUsers or allAuthenticatedUsers to a storage bucket exposes its objects to the entire internet, the classic GCS data-leak vector.",
2185
+ "frameworks": [
2186
+ "CIS GCP Foundations Benchmark 5.1"
2187
+ ],
2188
+ "severity": "CRITICAL",
2189
+ "title": "Do not grant public access to storage buckets",
2190
+ "detect": {
2191
+ "target": "terraform",
2192
+ "resourceType": "google_storage_bucket_iam_member",
2193
+ "forbid": "allUsers|allAuthenticatedUsers"
2194
+ },
2195
+ "remediate": {
2196
+ "strategy": "manual",
2197
+ "snippet": "Remove allUsers/allAuthenticatedUsers bindings and grant access to specific principals."
2198
+ },
2199
+ "requiredActions": [
2200
+ "Remove allUsers/allAuthenticatedUsers from the bucket IAM member binding."
2201
+ ]
2202
+ },
2203
+ {
2204
+ "ruleId": "GCP_BIGQUERY_DATASET_IAM_NOT_PUBLIC",
2205
+ "threat": "Public IAM bindings on a BigQuery dataset let anyone query potentially sensitive analytics data.",
2206
+ "frameworks": [
2207
+ "CIS GCP Foundations Benchmark 7.x"
2208
+ ],
2209
+ "severity": "HIGH",
2210
+ "title": "Do not grant public access to BigQuery datasets via IAM",
2211
+ "detect": {
2212
+ "target": "terraform",
2213
+ "resourceType": "google_bigquery_dataset_iam_member",
2214
+ "forbid": "allUsers|allAuthenticatedUsers"
2215
+ },
2216
+ "remediate": {
2217
+ "strategy": "manual",
2218
+ "snippet": "Remove allUsers/allAuthenticatedUsers and grant dataset access to specific principals."
2219
+ },
2220
+ "requiredActions": [
2221
+ "Remove public members from the BigQuery dataset IAM member binding."
2222
+ ]
2223
+ },
2224
+ {
2225
+ "ruleId": "GCP_PROJECT_IAM_NO_SA_USER_PRIMITIVE",
2226
+ "threat": "Granting primitive owner/editor roles at the project level via binding gives broad standing access that an attacker can abuse for full project control.",
2227
+ "frameworks": [
2228
+ "CIS GCP Foundations Benchmark 1.x"
2229
+ ],
2230
+ "severity": "HIGH",
2231
+ "title": "Avoid primitive roles in project IAM bindings",
2232
+ "detect": {
2233
+ "target": "terraform",
2234
+ "resourceType": "google_project_iam_binding",
2235
+ "forbid": "\"roles/owner\"|\"roles/editor\""
2236
+ },
2237
+ "remediate": {
2238
+ "strategy": "manual",
2239
+ "snippet": "Replace roles/owner and roles/editor with granular predefined or custom roles."
2240
+ },
2241
+ "requiredActions": [
2242
+ "Replace primitive roles in the project IAM binding with least-privilege roles."
2243
+ ]
2244
+ },
2245
+ {
2246
+ "ruleId": "GCP_SPANNER_DELETION_PROTECTION",
2247
+ "threat": "A Spanner database without deletion protection can be destroyed by a compromised credential or stray Terraform apply, causing irreversible data loss.",
2248
+ "frameworks": [
2249
+ "CIS GCP Foundations Benchmark 1.x"
2250
+ ],
2251
+ "severity": "MEDIUM",
2252
+ "title": "Enable deletion protection on Spanner databases",
2253
+ "detect": {
2254
+ "target": "terraform",
2255
+ "resourceType": "google_spanner_database",
2256
+ "require": "deletion_protection\\s*=\\s*true"
2257
+ },
2258
+ "remediate": {
2259
+ "strategy": "set-attr",
2260
+ "ensure": {
2261
+ "deletion_protection": "true"
2262
+ }
2263
+ },
2264
+ "requiredActions": [
2265
+ "Set deletion_protection = true on the Spanner database."
2266
+ ]
2267
+ },
2268
+ {
2269
+ "ruleId": "GCP_BIGTABLE_DELETION_PROTECTION",
2270
+ "threat": "A Bigtable instance without deletion protection can be wiped by an attacker or accidental destroy, losing all stored data.",
2271
+ "frameworks": [
2272
+ "CIS GCP Foundations Benchmark 1.x"
2273
+ ],
2274
+ "severity": "MEDIUM",
2275
+ "title": "Enable deletion protection on Bigtable instances",
2276
+ "detect": {
2277
+ "target": "terraform",
2278
+ "resourceType": "google_bigtable_instance",
2279
+ "require": "deletion_protection\\s*=\\s*true"
2280
+ },
2281
+ "remediate": {
2282
+ "strategy": "set-attr",
2283
+ "ensure": {
2284
+ "deletion_protection": "true"
2285
+ }
2286
+ },
2287
+ "requiredActions": [
2288
+ "Set deletion_protection = true on the Bigtable instance."
2289
+ ]
2290
+ },
2291
+ {
2292
+ "ruleId": "GCP_COMPUTE_DISK_NO_PUBLIC_IMAGE_SHARING",
2293
+ "threat": "A disk image granted to allAuthenticatedUsers is downloadable by any Google account, leaking baked-in secrets, code, and credentials.",
2294
+ "frameworks": [
2295
+ "CIS GCP Foundations Benchmark 4.x"
2296
+ ],
2297
+ "severity": "HIGH",
2298
+ "title": "Do not share Compute images publicly",
2299
+ "detect": {
2300
+ "target": "terraform",
2301
+ "resourceType": "google_compute_image_iam_member",
2302
+ "forbid": "allUsers|allAuthenticatedUsers"
2303
+ },
2304
+ "remediate": {
2305
+ "strategy": "manual",
2306
+ "snippet": "Remove allUsers/allAuthenticatedUsers from the image IAM binding and share with specific principals only."
2307
+ },
2308
+ "requiredActions": [
2309
+ "Remove public members from the Compute image IAM member binding."
2310
+ ]
2311
+ },
2312
+ {
2313
+ "ruleId": "GCP_KMS_KEYRING_IAM_NOT_PUBLIC",
2314
+ "threat": "Public IAM on a KMS key ring lets anyone use the contained keys to encrypt/decrypt, breaking the confidentiality of every object protected by those keys.",
2315
+ "frameworks": [
2316
+ "CIS GCP Foundations Benchmark 1.x"
2317
+ ],
2318
+ "severity": "CRITICAL",
2319
+ "title": "Do not grant public access to KMS key rings",
2320
+ "detect": {
2321
+ "target": "terraform",
2322
+ "resourceType": "google_kms_key_ring_iam_member",
2323
+ "forbid": "allUsers|allAuthenticatedUsers"
2324
+ },
2325
+ "remediate": {
2326
+ "strategy": "manual",
2327
+ "snippet": "Remove allUsers/allAuthenticatedUsers from the key ring IAM binding."
2328
+ },
2329
+ "requiredActions": [
2330
+ "Remove public members from the KMS key ring IAM member binding."
2331
+ ]
2332
+ },
2333
+ {
2334
+ "ruleId": "GCP_FILESTORE_CMEK",
2335
+ "threat": "A Filestore instance without CMEK relies only on Google-managed keys, removing the customer's ability to revoke data access by disabling a key during a breach.",
2336
+ "frameworks": [
2337
+ "CIS GCP Foundations Benchmark 1.x"
2338
+ ],
2339
+ "severity": "LOW",
2340
+ "title": "Use CMEK on Filestore instances",
2341
+ "detect": {
2342
+ "target": "terraform",
2343
+ "resourceType": "google_filestore_instance",
2344
+ "require": "kms_key_name\\s*="
2345
+ },
2346
+ "remediate": {
2347
+ "strategy": "set-attr",
2348
+ "ensure": {
2349
+ "kms_key_name": "\"projects/PROJECT/locations/LOCATION/keyRings/RING/cryptoKeys/KEY\""
2350
+ }
2351
+ },
2352
+ "requiredActions": [
2353
+ "Set kms_key_name on the Filestore instance to a customer-managed key."
2354
+ ]
2355
+ },
2356
+ {
2357
+ "ruleId": "GCP_PUBSUB_SUBSCRIPTION_CMEK_TOPIC",
2358
+ "threat": "Vertex AI featurestores without CMEK depend solely on Google-managed encryption, removing the key-revocation control during incident response.",
2359
+ "frameworks": [
2360
+ "CIS GCP Foundations Benchmark 1.x"
2361
+ ],
2362
+ "severity": "LOW",
2363
+ "title": "Use CMEK on Vertex AI featurestores",
2364
+ "detect": {
2365
+ "target": "terraform",
2366
+ "resourceType": "google_vertex_ai_featurestore",
2367
+ "require": "encryption_spec\\s*\\{"
2368
+ },
2369
+ "remediate": {
2370
+ "strategy": "manual",
2371
+ "snippet": "Add an encryption_spec block with kms_key_name referencing a customer-managed key."
2372
+ },
2373
+ "requiredActions": [
2374
+ "Add encryption_spec with kms_key_name to the Vertex AI featurestore."
2375
+ ]
2376
+ },
2377
+ {
2378
+ "ruleId": "GCP_COMPUTE_INSTANCE_TEMPLATE_SHIELDED",
2379
+ "threat": "Instance templates without Shielded VM config propagate insecure boot settings to every VM in a managed instance group, scaling the boot-tampering risk fleet-wide.",
2380
+ "frameworks": [
2381
+ "CIS GCP Foundations Benchmark 4.8"
2382
+ ],
2383
+ "severity": "MEDIUM",
2384
+ "title": "Enable Shielded VM secure boot in instance templates",
2385
+ "detect": {
2386
+ "target": "terraform",
2387
+ "resourceType": "google_compute_instance_template",
2388
+ "require": "enable_secure_boot\\s*=\\s*true"
2389
+ },
2390
+ "remediate": {
2391
+ "strategy": "set-attr",
2392
+ "ensure": {
2393
+ "shielded_instance_config.enable_secure_boot": "true"
2394
+ }
2395
+ },
2396
+ "requiredActions": [
2397
+ "Set shielded_instance_config.enable_secure_boot = true in the instance template."
2398
+ ]
2399
+ },
2400
+ {
2401
+ "ruleId": "GCP_COMPUTE_INSTANCE_TEMPLATE_NO_PUBLIC_IP",
2402
+ "threat": "An instance template with an access_config block assigns public IPs to every VM in the group, exposing the whole fleet directly to the internet.",
2403
+ "frameworks": [
2404
+ "CIS GCP Foundations Benchmark 4.9"
2405
+ ],
2406
+ "severity": "MEDIUM",
2407
+ "title": "Do not assign public IPs in instance templates",
2408
+ "detect": {
2409
+ "target": "terraform",
2410
+ "resourceType": "google_compute_instance_template",
2411
+ "forbid": "access_config\\s*\\{"
2412
+ },
2413
+ "remediate": {
2414
+ "strategy": "manual",
2415
+ "snippet": "Remove the access_config block so VMs created from the template have no external IP."
2416
+ },
2417
+ "requiredActions": [
2418
+ "Remove the access_config block from the instance template network_interface."
2419
+ ]
2420
+ },
2421
+ {
2422
+ "ruleId": "GCP_BIGQUERY_DATASET_DELETE_CONTENTS",
2423
+ "threat": "delete_contents_on_destroy lets a single Terraform destroy wipe every table in the dataset, turning an accidental or malicious apply into total data loss.",
2424
+ "frameworks": [
2425
+ "CIS GCP Foundations Benchmark 7.x"
2426
+ ],
2427
+ "severity": "MEDIUM",
2428
+ "title": "Do not enable delete_contents_on_destroy on BigQuery datasets",
2429
+ "detect": {
2430
+ "target": "terraform",
2431
+ "resourceType": "google_bigquery_dataset",
2432
+ "forbid": "delete_contents_on_destroy\\s*=\\s*true"
2433
+ },
2434
+ "remediate": {
2435
+ "strategy": "set-attr",
2436
+ "ensure": {
2437
+ "delete_contents_on_destroy": "false"
2438
+ }
2439
+ },
2440
+ "requiredActions": [
2441
+ "Set delete_contents_on_destroy = false on the BigQuery dataset."
2442
+ ]
2443
+ },
2444
+ {
2445
+ "ruleId": "GCP_GKE_DNS_CACHE",
2446
+ "threat": "Vertex AI workbench instances reachable over a public IP expose notebook environments and attached credentials to internet-borne attacks.",
2447
+ "frameworks": [
2448
+ "CIS GCP Foundations Benchmark 4.x"
2449
+ ],
2450
+ "severity": "MEDIUM",
2451
+ "title": "Disable public IP on Vertex AI Workbench instances",
2452
+ "detect": {
2453
+ "target": "terraform",
2454
+ "resourceType": "google_workbench_instance",
2455
+ "require": "disable_public_ip\\s*=\\s*true"
2456
+ },
2457
+ "remediate": {
2458
+ "strategy": "manual",
2459
+ "snippet": "Set gce_setup.disable_public_ip = true on the Workbench instance."
2460
+ },
2461
+ "requiredActions": [
2462
+ "Set disable_public_ip = true on the Vertex AI Workbench instance."
2463
+ ]
2464
+ },
2465
+ {
2466
+ "ruleId": "GCP_COMPUTE_SECURITY_POLICY_DEFAULT_DENY",
2467
+ "threat": "A Cloud Armor security policy whose default rule allows all traffic provides no baseline protection; only explicitly blocked patterns are stopped, leaving everything else through.",
2468
+ "frameworks": [
2469
+ "CIS GCP Foundations Benchmark 3.x"
2470
+ ],
2471
+ "severity": "LOW",
2472
+ "title": "Avoid default-allow on Cloud Armor security policies",
2473
+ "detect": {
2474
+ "target": "terraform",
2475
+ "resourceType": "google_compute_security_policy",
2476
+ "require": "rule\\s*\\{"
2477
+ },
2478
+ "remediate": {
2479
+ "strategy": "manual",
2480
+ "snippet": "Define explicit rules (including a default rule with appropriate action) on the security policy."
2481
+ },
2482
+ "requiredActions": [
2483
+ "Define explicit rules with a restrictive default action on the Cloud Armor security policy."
2484
+ ]
2485
+ },
2486
+ {
2487
+ "ruleId": "GCP_SQL_LOG_MIN_DURATION_DISABLED",
2488
+ "threat": "Setting log_min_duration_statement to 0 logs every query including those containing sensitive parameters, which can leak secrets into logs an attacker may read.",
2489
+ "frameworks": [
2490
+ "CIS GCP Foundations Benchmark 6.2.x"
2491
+ ],
2492
+ "severity": "LOW",
2493
+ "title": "Do not log all statements via log_min_duration_statement=0 on Cloud SQL",
2494
+ "detect": {
2495
+ "target": "terraform",
2496
+ "resourceType": "google_sql_database_instance",
2497
+ "forbid": "name\\s*=\\s*\"log_min_duration_statement\"[\\s\\S]*value\\s*=\\s*\"0\""
2498
+ },
2499
+ "remediate": {
2500
+ "strategy": "manual",
2501
+ "snippet": "Set log_min_duration_statement to -1 (disabled) or a positive threshold rather than 0."
2502
+ },
2503
+ "requiredActions": [
2504
+ "Set the log_min_duration_statement flag to -1 or a positive value, not 0."
2505
+ ]
2506
+ },
2507
+ {
2508
+ "ruleId": "GCP_DATAPROC_KERBEROS",
2509
+ "threat": "Dataproc clusters without Kerberos lack strong authentication between Hadoop components, allowing an attacker on the network to impersonate services and access data.",
2510
+ "frameworks": [
2511
+ "CIS GCP Foundations Benchmark 4.x"
2512
+ ],
2513
+ "severity": "LOW",
2514
+ "title": "Enable Kerberos on Dataproc clusters",
2515
+ "detect": {
2516
+ "target": "terraform",
2517
+ "resourceType": "google_dataproc_cluster",
2518
+ "require": "kerberos_config\\s*\\{"
2519
+ },
2520
+ "remediate": {
2521
+ "strategy": "manual",
2522
+ "snippet": "Add a security_config.kerberos_config block to enable Kerberos authentication."
2523
+ },
2524
+ "requiredActions": [
2525
+ "Add a kerberos_config block under security_config on the Dataproc cluster."
2526
+ ]
2527
+ },
2528
+ {
2529
+ "ruleId": "GCP_GKE_INSECURE_KUBELET_READONLY_PORT",
2530
+ "threat": "A node pool exposing the kubelet read-only port (10255) lets any pod or local attacker read node and pod metadata without authentication, aiding reconnaissance and escalation.",
2531
+ "frameworks": [
2532
+ "CIS GCP Foundations Benchmark 7.x"
2533
+ ],
2534
+ "severity": "MEDIUM",
2535
+ "title": "Disable the kubelet read-only port on GKE node pools",
2536
+ "detect": {
2537
+ "target": "terraform",
2538
+ "resourceType": "google_container_node_pool",
2539
+ "forbid": "insecure_kubelet_readonly_port_enabled\\s*=\\s*true"
2540
+ },
2541
+ "remediate": {
2542
+ "strategy": "set-attr",
2543
+ "ensure": {
2544
+ "kubelet_config.insecure_kubelet_readonly_port_enabled": "false"
2545
+ }
2546
+ },
2547
+ "requiredActions": [
2548
+ "Set kubelet_config.insecure_kubelet_readonly_port_enabled = false on the node pool."
2549
+ ]
2550
+ },
2551
+ {
2552
+ "ruleId": "GCP_CLOUD_RUN_V2_NO_DEFAULT_SA",
2553
+ "threat": "A Cloud Run service that omits a dedicated service account runs as the default Compute SA with broad project permissions, so a code-exec bug becomes project-wide compromise.",
2554
+ "frameworks": [
2555
+ "CIS GCP Foundations Benchmark 4.x"
2556
+ ],
2557
+ "severity": "MEDIUM",
2558
+ "title": "Assign a dedicated service account to Cloud Run services",
2559
+ "detect": {
2560
+ "target": "terraform",
2561
+ "resourceType": "google_cloud_run_v2_service",
2562
+ "require": "service_account\\s*="
2563
+ },
2564
+ "remediate": {
2565
+ "strategy": "manual",
2566
+ "snippet": "Set template.service_account to a dedicated least-privilege service account."
2567
+ },
2568
+ "requiredActions": [
2569
+ "Set a dedicated service_account on the Cloud Run v2 service template."
2570
+ ]
2571
+ },
2572
+ {
2573
+ "ruleId": "GCP_COMPUTE_FIREWALL_NO_OPEN_ALL_PORTS",
2574
+ "threat": "A firewall rule allowing all protocols (all) from 0.0.0.0/0 effectively disables the perimeter, exposing every port on targeted instances to the internet.",
2575
+ "frameworks": [
2576
+ "CIS GCP Foundations Benchmark 3.x"
2577
+ ],
2578
+ "severity": "CRITICAL",
2579
+ "title": "Do not allow all protocols from the internet in firewall rules",
2580
+ "detect": {
2581
+ "target": "terraform",
2582
+ "resourceType": "google_compute_firewall",
2583
+ "forbid": "protocol\\s*=\\s*\"all\"[\\s\\S]*0\\.0\\.0\\.0/0"
2584
+ },
2585
+ "remediate": {
2586
+ "strategy": "manual",
2587
+ "snippet": "Replace the protocol = \"all\" allow rule with specific protocols/ports and restricted source_ranges."
2588
+ },
2589
+ "requiredActions": [
2590
+ "Restrict the firewall rule to specific protocols/ports and trusted source_ranges."
2591
+ ]
2592
+ },
2593
+ {
2594
+ "ruleId": "GCP_PROJECT_DEFAULT_SA_NO_IAM_GRANT",
2595
+ "threat": "Granting roles to the default Compute/App Engine service account concentrates excessive privilege on an account attached to many resources, amplifying blast radius of any single compromise.",
2596
+ "frameworks": [
2597
+ "CIS GCP Foundations Benchmark 1.x"
2598
+ ],
2599
+ "severity": "MEDIUM",
2600
+ "title": "Do not grant elevated roles to default service accounts",
2601
+ "detect": {
2602
+ "target": "terraform",
2603
+ "resourceType": "google_project_iam_member",
2604
+ "forbid": "compute@developer\\.gserviceaccount\\.com|appspot\\.gserviceaccount\\.com"
2605
+ },
2606
+ "remediate": {
2607
+ "strategy": "manual",
2608
+ "snippet": "Grant roles to dedicated least-privilege service accounts instead of the default SAs."
2609
+ },
2610
+ "requiredActions": [
2611
+ "Remove role grants to default service accounts in the project IAM member binding."
2612
+ ]
2613
+ },
2614
+ {
2615
+ "ruleId": "GCP_COMPUTE_TARGET_SSL_PROXY_SSL_POLICY",
2616
+ "threat": "An attacker negotiates a weak or legacy TLS cipher against an SSL proxy load balancer that has no SSL policy attached, downgrading the connection to intercept traffic.",
2617
+ "frameworks": [
2618
+ "CIS GCP Foundations Benchmark 3.9"
2619
+ ],
2620
+ "severity": "HIGH",
2621
+ "title": "Attach a restrictive SSL policy to SSL proxy load balancers",
2622
+ "detect": {
2623
+ "target": "terraform",
2624
+ "resourceType": "google_compute_target_ssl_proxy",
2625
+ "require": "ssl_policy\\s*="
2626
+ },
2627
+ "remediate": {
2628
+ "strategy": "set-attr",
2629
+ "ensure": {
2630
+ "ssl_policy": "\"google_compute_ssl_policy.modern.id\""
2631
+ }
2632
+ },
2633
+ "requiredActions": [
2634
+ "Create a google_compute_ssl_policy with min_tls_version TLS_1_2 and profile MODERN or RESTRICTED and reference it via ssl_policy"
2635
+ ]
2636
+ },
2637
+ {
2638
+ "ruleId": "GCP_COMPUTE_SNAPSHOT_CMEK",
2639
+ "threat": "An attacker who exfiltrates a disk snapshot stored with Google-managed keys can restore it in an attacker-controlled project, since no customer key is required to decrypt it.",
2640
+ "frameworks": [
2641
+ "CIS GCP Foundations Benchmark 4.7"
2642
+ ],
2643
+ "severity": "MEDIUM",
2644
+ "title": "Encrypt compute snapshots with customer-managed keys",
2645
+ "detect": {
2646
+ "target": "terraform",
2647
+ "resourceType": "google_compute_snapshot",
2648
+ "require": "snapshot_encryption_key\\s*\\{"
2649
+ },
2650
+ "remediate": {
2651
+ "strategy": "manual",
2652
+ "snippet": "Add a snapshot_encryption_key block referencing a Cloud KMS key."
2653
+ },
2654
+ "requiredActions": [
2655
+ "Add a snapshot_encryption_key block with kms_key_self_link pointing to a customer-managed Cloud KMS key"
2656
+ ]
2657
+ },
2658
+ {
2659
+ "ruleId": "GCP_COMPUTE_IMAGE_CMEK",
2660
+ "threat": "An attacker who gains read access to a custom image encrypted only with Google-managed keys can clone it into another project, exposing baked-in secrets and configuration.",
2661
+ "frameworks": [
2662
+ "CIS GCP Foundations Benchmark 4.7"
2663
+ ],
2664
+ "severity": "MEDIUM",
2665
+ "title": "Encrypt compute images with customer-managed keys",
2666
+ "detect": {
2667
+ "target": "terraform",
2668
+ "resourceType": "google_compute_image",
2669
+ "require": "image_encryption_key\\s*\\{"
2670
+ },
2671
+ "remediate": {
2672
+ "strategy": "manual",
2673
+ "snippet": "Add an image_encryption_key block referencing a Cloud KMS key."
2674
+ },
2675
+ "requiredActions": [
2676
+ "Add an image_encryption_key block with kms_key_self_link pointing to a customer-managed Cloud KMS key"
2677
+ ]
2678
+ },
2679
+ {
2680
+ "ruleId": "GCP_COMPUTE_NETWORK_NO_AUTO_SUBNETS",
2681
+ "threat": "An auto-mode VPC silently creates a subnet in every region, expanding the network attack surface into regions the team never intended to use and complicating firewall governance.",
2682
+ "frameworks": [
2683
+ "CIS GCP Foundations Benchmark 3.1"
2684
+ ],
2685
+ "severity": "LOW",
2686
+ "title": "Disable auto-created subnetworks on VPC networks",
2687
+ "detect": {
2688
+ "target": "terraform",
2689
+ "resourceType": "google_compute_network",
2690
+ "forbid": "auto_create_subnetworks\\s*=\\s*true"
2691
+ },
2692
+ "remediate": {
2693
+ "strategy": "set-attr",
2694
+ "ensure": {
2695
+ "auto_create_subnetworks": "false"
2696
+ }
2697
+ },
2698
+ "requiredActions": [
2699
+ "Set auto_create_subnetworks = false and define subnetworks explicitly per region in use"
2700
+ ]
2701
+ },
2702
+ {
2703
+ "ruleId": "GCP_COMPUTE_PROJECT_METADATA_OSLOGIN",
2704
+ "threat": "Without project-wide OS Login, instances fall back to metadata SSH keys that are not tied to IAM, letting a compromised key grant durable, unaudited shell access across the project.",
2705
+ "frameworks": [
2706
+ "CIS GCP Foundations Benchmark 4.4"
2707
+ ],
2708
+ "severity": "HIGH",
2709
+ "title": "Enable OS Login at the project metadata level",
2710
+ "detect": {
2711
+ "target": "terraform",
2712
+ "resourceType": "google_compute_project_metadata",
2713
+ "require": "enable-oslogin\\s*=\\s*\"?(true|TRUE)"
2714
+ },
2715
+ "remediate": {
2716
+ "strategy": "manual",
2717
+ "snippet": "Add enable-oslogin = \"TRUE\" to the project metadata map."
2718
+ },
2719
+ "requiredActions": [
2720
+ "Add enable-oslogin = \"TRUE\" to the metadata map of google_compute_project_metadata"
2721
+ ]
2722
+ },
2723
+ {
2724
+ "ruleId": "GCP_COMPUTE_PROJECT_METADATA_BLOCK_SSH_KEYS",
2725
+ "threat": "Project-level SSH keys in metadata grant broad shell access to every instance; an attacker who adds a key or steals an existing one moves laterally across all VMs.",
2726
+ "frameworks": [
2727
+ "CIS GCP Foundations Benchmark 4.3"
2728
+ ],
2729
+ "severity": "MEDIUM",
2730
+ "title": "Block project-wide SSH keys via project metadata",
2731
+ "detect": {
2732
+ "target": "terraform",
2733
+ "resourceType": "google_compute_project_metadata",
2734
+ "require": "block-project-ssh-keys\\s*=\\s*\"?(true|TRUE)"
2735
+ },
2736
+ "remediate": {
2737
+ "strategy": "manual",
2738
+ "snippet": "Add block-project-ssh-keys = \"TRUE\" to the project metadata map."
2739
+ },
2740
+ "requiredActions": [
2741
+ "Add block-project-ssh-keys = \"TRUE\" to the metadata map of google_compute_project_metadata"
2742
+ ]
2743
+ },
2744
+ {
2745
+ "ruleId": "GCP_COMPUTE_SECURITY_POLICY_ADAPTIVE_PROTECTION",
2746
+ "threat": "Without Cloud Armor Adaptive Protection, a volumetric Layer 7 DDoS attack against the application can saturate the backend before static rules ever trigger.",
2747
+ "frameworks": [
2748
+ "CIS GCP Foundations Benchmark 3.x"
2749
+ ],
2750
+ "severity": "MEDIUM",
2751
+ "title": "Enable Cloud Armor Adaptive Protection for L7 DDoS",
2752
+ "detect": {
2753
+ "target": "terraform",
2754
+ "resourceType": "google_compute_security_policy",
2755
+ "require": "adaptive_protection_config\\s*\\{"
2756
+ },
2757
+ "remediate": {
2758
+ "strategy": "manual",
2759
+ "snippet": "Add adaptive_protection_config with layer_7_ddos_defense_config enable = true."
2760
+ },
2761
+ "requiredActions": [
2762
+ "Add an adaptive_protection_config block enabling layer_7_ddos_defense_config"
2763
+ ]
2764
+ },
2765
+ {
2766
+ "ruleId": "GCP_GKE_AUTHENTICATOR_GROUPS",
2767
+ "threat": "Without authenticator group configuration, RBAC cannot bind Kubernetes roles to Google Groups, forcing per-user grants that drift and leave stale cluster-admin access.",
2768
+ "frameworks": [
2769
+ "CIS GCP Foundations Benchmark 7.x"
2770
+ ],
2771
+ "severity": "LOW",
2772
+ "title": "Configure Google Groups for GKE RBAC",
2773
+ "detect": {
2774
+ "target": "terraform",
2775
+ "resourceType": "google_container_cluster",
2776
+ "require": "authenticator_groups_config\\s*\\{"
2777
+ },
2778
+ "remediate": {
2779
+ "strategy": "manual",
2780
+ "snippet": "Add authenticator_groups_config with the gke-security-groups group."
2781
+ },
2782
+ "requiredActions": [
2783
+ "Add an authenticator_groups_config block with a security_group binding to gke-security-groups@yourdomain"
2784
+ ]
2785
+ },
2786
+ {
2787
+ "ruleId": "GCP_GKE_MESH_CERTIFICATES",
2788
+ "threat": "Without managed mesh certificates, service-to-service mTLS in the cluster relies on manually rotated certs that expire or leak, enabling impersonation between workloads.",
2789
+ "frameworks": [
2790
+ "CIS GCP Foundations Benchmark 7.x"
2791
+ ],
2792
+ "severity": "LOW",
2793
+ "title": "Enable managed mesh certificates on GKE",
2794
+ "detect": {
2795
+ "target": "terraform",
2796
+ "resourceType": "google_container_cluster",
2797
+ "require": "mesh_certificates\\s*\\{[^}]*enable_certificates\\s*=\\s*true"
2798
+ },
2799
+ "remediate": {
2800
+ "strategy": "manual",
2801
+ "snippet": "Add mesh_certificates with enable_certificates = true."
2802
+ },
2803
+ "requiredActions": [
2804
+ "Add a mesh_certificates block with enable_certificates = true and Workload Identity enabled"
2805
+ ]
2806
+ },
2807
+ {
2808
+ "ruleId": "GCP_GKE_PROTECT_CONFIG_WORKLOAD_VULN",
2809
+ "threat": "Without workload vulnerability scanning, an attacker can deploy containers with known-exploitable packages that go undetected until they are used for initial access.",
2810
+ "frameworks": [
2811
+ "CIS GCP Foundations Benchmark 7.x"
2812
+ ],
2813
+ "severity": "MEDIUM",
2814
+ "title": "Enable GKE workload vulnerability scanning in security posture",
2815
+ "detect": {
2816
+ "target": "terraform",
2817
+ "resourceType": "google_container_cluster",
2818
+ "require": "workload_vulnerability_mode\\s*=\\s*\"VULNERABILITY_(BASIC|ENTERPRISE)\""
2819
+ },
2820
+ "remediate": {
2821
+ "strategy": "manual",
2822
+ "snippet": "Set vulnerability_mode in security_posture_config."
2823
+ },
2824
+ "requiredActions": [
2825
+ "Set vulnerability_mode to VULNERABILITY_BASIC or VULNERABILITY_ENTERPRISE inside security_posture_config"
2826
+ ]
2827
+ },
2828
+ {
2829
+ "ruleId": "GCP_GKE_NODE_CONFIDENTIAL_STORAGE",
2830
+ "threat": "Local SSD scratch data written in cleartext can be recovered from the underlying host; without confidential storage encryption, an attacker with host access reads ephemeral workload data.",
2831
+ "frameworks": [
2832
+ "CIS GCP Foundations Benchmark 7.x"
2833
+ ],
2834
+ "severity": "MEDIUM",
2835
+ "title": "Enable confidential storage on GKE node pools",
2836
+ "detect": {
2837
+ "target": "terraform",
2838
+ "resourceType": "google_container_node_pool",
2839
+ "require": "enable_confidential_storage\\s*=\\s*true"
2840
+ },
2841
+ "remediate": {
2842
+ "strategy": "manual",
2843
+ "snippet": "Set enable_confidential_storage = true inside node_config (requires local SSD)."
2844
+ },
2845
+ "requiredActions": [
2846
+ "Set enable_confidential_storage = true in node_config and attach local NVMe SSDs"
2847
+ ]
2848
+ },
2849
+ {
2850
+ "ruleId": "GCP_GKE_NODE_BLOCK_PROJECT_SSH",
2851
+ "threat": "Node VMs that accept project-wide SSH keys give an attacker a direct shell onto Kubernetes hosts, bypassing the control plane and exposing kubelet credentials.",
2852
+ "frameworks": [
2853
+ "CIS GCP Foundations Benchmark 4.3"
2854
+ ],
2855
+ "severity": "MEDIUM",
2856
+ "title": "Block project SSH keys on GKE node pools",
2857
+ "detect": {
2858
+ "target": "terraform",
2859
+ "resourceType": "google_container_node_pool",
2860
+ "require": "block-project-ssh-keys\\s*=\\s*\"?(true|TRUE)"
2861
+ },
2862
+ "remediate": {
2863
+ "strategy": "manual",
2864
+ "snippet": "Add block-project-ssh-keys = \"true\" to node_config.metadata."
2865
+ },
2866
+ "requiredActions": [
2867
+ "Add block-project-ssh-keys = \"true\" to the metadata map in node_config"
2868
+ ]
2869
+ },
2870
+ {
2871
+ "ruleId": "GCP_SQL_LOG_STATEMENT_DDL",
2872
+ "threat": "Without statement logging, an attacker performing schema changes or privilege escalation via DDL leaves no audit trail, defeating post-incident forensics.",
2873
+ "frameworks": [
2874
+ "CIS GCP Foundations Benchmark 6.2.x"
2875
+ ],
2876
+ "severity": "LOW",
2877
+ "title": "Log DDL statements on Cloud SQL PostgreSQL",
2878
+ "detect": {
2879
+ "target": "terraform",
2880
+ "resourceType": "google_sql_database_instance",
2881
+ "require": "name\\s*=\\s*\"log_statement\"[\\s\\S]*value\\s*=\\s*\"(ddl|mod|all)\""
2882
+ },
2883
+ "remediate": {
2884
+ "strategy": "manual",
2885
+ "snippet": "Add a database_flags block log_statement = ddl (or mod)."
2886
+ },
2887
+ "requiredActions": [
2888
+ "Add a database_flags entry with name = \"log_statement\" and value = \"ddl\" or stricter"
2889
+ ]
2890
+ },
2891
+ {
2892
+ "ruleId": "GCP_SQL_LOG_ERROR_VERBOSITY",
2893
+ "threat": "Terse error verbosity hides query context an investigator needs to reconstruct an attacker's failed injection attempts and probing.",
2894
+ "frameworks": [
2895
+ "CIS GCP Foundations Benchmark 6.2.x"
2896
+ ],
2897
+ "severity": "LOW",
2898
+ "title": "Set adequate error verbosity on Cloud SQL PostgreSQL",
2899
+ "detect": {
2900
+ "target": "terraform",
2901
+ "resourceType": "google_sql_database_instance",
2902
+ "require": "name\\s*=\\s*\"log_error_verbosity\"[\\s\\S]*value\\s*=\\s*\"(default|verbose)\""
2903
+ },
2904
+ "remediate": {
2905
+ "strategy": "manual",
2906
+ "snippet": "Add database_flags log_error_verbosity = default."
2907
+ },
2908
+ "requiredActions": [
2909
+ "Add a database_flags entry with name = \"log_error_verbosity\" and value = \"default\" or \"verbose\""
2910
+ ]
2911
+ },
2912
+ {
2913
+ "ruleId": "GCP_SQL_LOG_HOSTNAME",
2914
+ "threat": "Without hostname logging, connection log entries show only IPs, hampering correlation of an attacker's source host across audit records.",
2915
+ "frameworks": [
2916
+ "CIS GCP Foundations Benchmark 6.2.x"
2917
+ ],
2918
+ "severity": "LOW",
2919
+ "title": "Log client hostnames on Cloud SQL PostgreSQL",
2920
+ "detect": {
2921
+ "target": "terraform",
2922
+ "resourceType": "google_sql_database_instance",
2923
+ "require": "name\\s*=\\s*\"log_hostname\"[\\s\\S]*value\\s*=\\s*\"on\""
2924
+ },
2925
+ "remediate": {
2926
+ "strategy": "manual",
2927
+ "snippet": "Add database_flags log_hostname = on."
2928
+ },
2929
+ "requiredActions": [
2930
+ "Add a database_flags entry with name = \"log_hostname\" and value = \"on\""
2931
+ ]
2932
+ },
2933
+ {
2934
+ "ruleId": "GCP_SQL_LOG_TEMP_FILES",
2935
+ "threat": "Unlogged temp file creation hides resource-exhaustion or data-exfiltration queries that spill large result sets to disk.",
2936
+ "frameworks": [
2937
+ "CIS GCP Foundations Benchmark 6.2.x"
2938
+ ],
2939
+ "severity": "LOW",
2940
+ "title": "Log temporary files on Cloud SQL PostgreSQL",
2941
+ "detect": {
2942
+ "target": "terraform",
2943
+ "resourceType": "google_sql_database_instance",
2944
+ "require": "name\\s*=\\s*\"log_temp_files\"[\\s\\S]*value\\s*=\\s*\"0\""
2945
+ },
2946
+ "remediate": {
2947
+ "strategy": "manual",
2948
+ "snippet": "Add database_flags log_temp_files = 0 to log all temp files."
2949
+ },
2950
+ "requiredActions": [
2951
+ "Add a database_flags entry with name = \"log_temp_files\" and value = \"0\""
2952
+ ]
2953
+ },
2954
+ {
2955
+ "ruleId": "GCP_SQL_PASSWORD_POLICY",
2956
+ "threat": "Without a built-in password policy, weak or reused database passwords survive, letting an attacker brute-force or credential-stuff the instance.",
2957
+ "frameworks": [
2958
+ "CIS GCP Foundations Benchmark 6.x"
2959
+ ],
2960
+ "severity": "MEDIUM",
2961
+ "title": "Enforce a password policy on Cloud SQL instances",
2962
+ "detect": {
2963
+ "target": "terraform",
2964
+ "resourceType": "google_sql_database_instance",
2965
+ "require": "password_validation_policy\\s*\\{"
2966
+ },
2967
+ "remediate": {
2968
+ "strategy": "manual",
2969
+ "snippet": "Add a password_validation_policy block with enable_password_policy = true."
2970
+ },
2971
+ "requiredActions": [
2972
+ "Add a settings.password_validation_policy block with enable_password_policy = true and min_length >= 14"
2973
+ ]
2974
+ },
2975
+ {
2976
+ "ruleId": "GCP_SQL_SSL_MODE_ENCRYPTED_ONLY",
2977
+ "threat": "An instance that still accepts unencrypted connections lets a network attacker sniff or MITM database traffic; require_ssl alone does not enforce the stronger ssl_mode.",
2978
+ "frameworks": [
2979
+ "CIS GCP Foundations Benchmark 6.4"
2980
+ ],
2981
+ "severity": "HIGH",
2982
+ "title": "Require encrypted-only SSL mode on Cloud SQL",
2983
+ "detect": {
2984
+ "target": "terraform",
2985
+ "resourceType": "google_sql_database_instance",
2986
+ "require": "ssl_mode\\s*=\\s*\"(ENCRYPTED_ONLY|TRUSTED_CLIENT_CERTIFICATE_REQUIRED)\""
2987
+ },
2988
+ "remediate": {
2989
+ "strategy": "manual",
2990
+ "snippet": "Set ssl_mode = ENCRYPTED_ONLY in settings.ip_configuration."
2991
+ },
2992
+ "requiredActions": [
2993
+ "Set ssl_mode to ENCRYPTED_ONLY or TRUSTED_CLIENT_CERTIFICATE_REQUIRED in ip_configuration"
2994
+ ]
2995
+ },
2996
+ {
2997
+ "ruleId": "GCP_SQL_PRIVATE_PATH_GOOGLE_SERVICES",
2998
+ "threat": "Without a private path for Google Cloud services, internal GCP service traffic to the database can traverse public IP routing, broadening exposure.",
2999
+ "frameworks": [
3000
+ "CIS GCP Foundations Benchmark 6.x"
3001
+ ],
3002
+ "severity": "LOW",
3003
+ "title": "Enable private path for Google Cloud services on Cloud SQL",
3004
+ "detect": {
3005
+ "target": "terraform",
3006
+ "resourceType": "google_sql_database_instance",
3007
+ "require": "enable_private_path_for_google_cloud_services\\s*=\\s*true"
3008
+ },
3009
+ "remediate": {
3010
+ "strategy": "manual",
3011
+ "snippet": "Set enable_private_path_for_google_cloud_services = true in ip_configuration."
3012
+ },
3013
+ "requiredActions": [
3014
+ "Set enable_private_path_for_google_cloud_services = true in settings.ip_configuration"
3015
+ ]
3016
+ },
3017
+ {
3018
+ "ruleId": "GCP_STORAGE_DEFAULT_EVENT_BASED_HOLD",
3019
+ "threat": "Without a default event-based hold, objects can be deleted before a retention event is set, letting an attacker destroy evidence immediately after writing it.",
3020
+ "frameworks": [
3021
+ "CIS GCP Foundations Benchmark 5.x"
3022
+ ],
3023
+ "severity": "LOW",
3024
+ "title": "Set default event-based hold on sensitive buckets",
3025
+ "detect": {
3026
+ "target": "terraform",
3027
+ "resourceType": "google_storage_bucket",
3028
+ "require": "default_event_based_hold\\s*=\\s*true"
3029
+ },
3030
+ "remediate": {
3031
+ "strategy": "set-attr",
3032
+ "ensure": {
3033
+ "default_event_based_hold": "true"
3034
+ }
3035
+ },
3036
+ "requiredActions": [
3037
+ "Set default_event_based_hold = true on the google_storage_bucket"
3038
+ ]
3039
+ },
3040
+ {
3041
+ "ruleId": "GCP_DATAPROC_NO_HTTP_PORT_ACCESS",
3042
+ "threat": "An open Dataproc component-gateway HTTP port exposes cluster web UIs (YARN, Spark) to the internet, leaking job data and offering a foothold for code execution.",
3043
+ "frameworks": [
3044
+ "CIS GCP Foundations Benchmark 3.x"
3045
+ ],
3046
+ "severity": "MEDIUM",
3047
+ "title": "Disable Dataproc component HTTP port access",
3048
+ "detect": {
3049
+ "target": "terraform",
3050
+ "resourceType": "google_dataproc_cluster",
3051
+ "forbid": "enable_http_port_access\\s*=\\s*true"
3052
+ },
3053
+ "remediate": {
3054
+ "strategy": "manual",
3055
+ "snippet": "Set enable_http_port_access = false in cluster_config.endpoint_config."
3056
+ },
3057
+ "requiredActions": [
3058
+ "Set enable_http_port_access = false in endpoint_config or remove the component gateway"
3059
+ ]
3060
+ },
3061
+ {
3062
+ "ruleId": "GCP_DATAFLOW_KMS",
3063
+ "threat": "Dataflow pipeline state and shuffle data encrypted only with Google-managed keys can be read by anyone who compromises the service, with no customer key boundary.",
3064
+ "frameworks": [
3065
+ "CIS GCP Foundations Benchmark 4.7"
3066
+ ],
3067
+ "severity": "MEDIUM",
3068
+ "title": "Encrypt Dataflow jobs with a customer-managed key",
3069
+ "detect": {
3070
+ "target": "terraform",
3071
+ "resourceType": "google_dataflow_job",
3072
+ "require": "kms_key_name\\s*="
3073
+ },
3074
+ "remediate": {
3075
+ "strategy": "set-attr",
3076
+ "ensure": {
3077
+ "kms_key_name": "\"google_kms_crypto_key.dataflow.id\""
3078
+ }
3079
+ },
3080
+ "requiredActions": [
3081
+ "Set kms_key_name to a customer-managed Cloud KMS crypto key id"
3082
+ ]
3083
+ },
3084
+ {
3085
+ "ruleId": "GCP_CLOUD_RUN_V2_BINARY_AUTH",
3086
+ "threat": "Without Binary Authorization, an attacker who can push to the registry deploys an unsigned, tampered image to Cloud Run with no admission control.",
3087
+ "frameworks": [
3088
+ "CIS GCP Foundations Benchmark 4.x"
3089
+ ],
3090
+ "severity": "MEDIUM",
3091
+ "title": "Enforce Binary Authorization on Cloud Run v2 services",
3092
+ "detect": {
3093
+ "target": "terraform",
3094
+ "resourceType": "google_cloud_run_v2_service",
3095
+ "require": "binary_authorization\\s*\\{"
3096
+ },
3097
+ "remediate": {
3098
+ "strategy": "manual",
3099
+ "snippet": "Add a binary_authorization block referencing a policy."
3100
+ },
3101
+ "requiredActions": [
3102
+ "Add a binary_authorization block (use_default = true or a policy) and define a deploy policy that requires attestations"
3103
+ ]
3104
+ },
3105
+ {
3106
+ "ruleId": "GCP_CLOUD_RUN_V2_CMEK",
3107
+ "threat": "A Cloud Run revision encrypted only with Google-managed keys offers no customer-controlled key revocation if the workload or its data is compromised.",
3108
+ "frameworks": [
3109
+ "CIS GCP Foundations Benchmark 4.7"
3110
+ ],
3111
+ "severity": "LOW",
3112
+ "title": "Encrypt Cloud Run v2 services with a customer-managed key",
3113
+ "detect": {
3114
+ "target": "terraform",
3115
+ "resourceType": "google_cloud_run_v2_service",
3116
+ "require": "encryption_key\\s*="
3117
+ },
3118
+ "remediate": {
3119
+ "strategy": "manual",
3120
+ "snippet": "Set template.encryption_key to a Cloud KMS key."
3121
+ },
3122
+ "requiredActions": [
3123
+ "Set encryption_key in the service template to a customer-managed Cloud KMS key id"
3124
+ ]
3125
+ },
3126
+ {
3127
+ "ruleId": "GCP_CLOUDFUNCTIONS_VPC_EGRESS_PRIVATE",
3128
+ "threat": "A function with ALL_TRAFFIC egress not pinned to the VPC connector can reach the internet directly, enabling data exfiltration that bypasses network controls.",
3129
+ "frameworks": [
3130
+ "CIS GCP Foundations Benchmark 4.x"
3131
+ ],
3132
+ "severity": "LOW",
3133
+ "title": "Route all Cloud Function egress through the VPC connector",
3134
+ "detect": {
3135
+ "target": "terraform",
3136
+ "resourceType": "google_cloudfunctions_function",
3137
+ "require": "vpc_connector_egress_settings\\s*=\\s*\"ALL_TRAFFIC\""
3138
+ },
3139
+ "remediate": {
3140
+ "strategy": "set-attr",
3141
+ "ensure": {
3142
+ "vpc_connector_egress_settings": "\"ALL_TRAFFIC\""
3143
+ }
3144
+ },
3145
+ "requiredActions": [
3146
+ "Set vpc_connector_egress_settings = \"ALL_TRAFFIC\" so all egress traverses the VPC connector"
3147
+ ]
3148
+ },
3149
+ {
3150
+ "ruleId": "GCP_CLOUDFUNCTIONS2_VPC_CONNECTOR",
3151
+ "threat": "A 2nd-gen function with no VPC connector reaches resources over public networking, expanding the egress attack surface and bypassing private-network controls.",
3152
+ "frameworks": [
3153
+ "CIS GCP Foundations Benchmark 4.x"
3154
+ ],
3155
+ "severity": "LOW",
3156
+ "title": "Attach a VPC connector to 2nd-gen Cloud Functions",
3157
+ "detect": {
3158
+ "target": "terraform",
3159
+ "resourceType": "google_cloudfunctions2_function",
3160
+ "require": "vpc_connector\\s*="
3161
+ },
3162
+ "remediate": {
3163
+ "strategy": "manual",
3164
+ "snippet": "Set service_config.vpc_connector to a Serverless VPC Access connector."
3165
+ },
3166
+ "requiredActions": [
3167
+ "Set vpc_connector in service_config to a google_vpc_access_connector id"
3168
+ ]
3169
+ },
3170
+ {
3171
+ "ruleId": "GCP_VERTEX_AI_INDEX_ENDPOINT_CMEK",
3172
+ "threat": "A Vertex AI index endpoint without CMEK stores embedding data under Google-managed keys, removing the customer's ability to revoke access to sensitive vector data.",
3173
+ "frameworks": [
3174
+ "CIS GCP Foundations Benchmark 4.7"
3175
+ ],
3176
+ "severity": "LOW",
3177
+ "title": "Encrypt Vertex AI index endpoints with a customer-managed key",
3178
+ "detect": {
3179
+ "target": "terraform",
3180
+ "resourceType": "google_vertex_ai_index_endpoint",
3181
+ "require": "encryption_spec\\s*\\{"
3182
+ },
3183
+ "remediate": {
3184
+ "strategy": "manual",
3185
+ "snippet": "Add an encryption_spec block with kms_key_name."
3186
+ },
3187
+ "requiredActions": [
3188
+ "Add an encryption_spec block with kms_key_name set to a customer-managed Cloud KMS key"
3189
+ ]
3190
+ },
3191
+ {
3192
+ "ruleId": "GCP_VERTEX_AI_METADATA_STORE_CMEK",
3193
+ "threat": "ML metadata (lineage, parameters) in a Vertex AI metadata store without CMEK cannot be cryptographically isolated, exposing training provenance if Google-managed keys are compromised.",
3194
+ "frameworks": [
3195
+ "CIS GCP Foundations Benchmark 4.7"
3196
+ ],
3197
+ "severity": "LOW",
3198
+ "title": "Encrypt Vertex AI metadata stores with a customer-managed key",
3199
+ "detect": {
3200
+ "target": "terraform",
3201
+ "resourceType": "google_vertex_ai_metadata_store",
3202
+ "require": "encryption_spec\\s*\\{"
3203
+ },
3204
+ "remediate": {
3205
+ "strategy": "manual",
3206
+ "snippet": "Add an encryption_spec block with kms_key_name."
3207
+ },
3208
+ "requiredActions": [
3209
+ "Add an encryption_spec block with kms_key_name set to a customer-managed Cloud KMS key"
3210
+ ]
3211
+ },
3212
+ {
3213
+ "ruleId": "GCP_VERTEX_AI_TENSORBOARD_CMEK",
3214
+ "threat": "Tensorboard experiment data without CMEK is encrypted only with Google keys, denying the customer the ability to revoke access to potentially sensitive training artifacts.",
3215
+ "frameworks": [
3216
+ "CIS GCP Foundations Benchmark 4.7"
3217
+ ],
3218
+ "severity": "LOW",
3219
+ "title": "Encrypt Vertex AI Tensorboards with a customer-managed key",
3220
+ "detect": {
3221
+ "target": "terraform",
3222
+ "resourceType": "google_vertex_ai_tensorboard",
3223
+ "require": "encryption_spec\\s*\\{"
3224
+ },
3225
+ "remediate": {
3226
+ "strategy": "manual",
3227
+ "snippet": "Add an encryption_spec block with kms_key_name."
3228
+ },
3229
+ "requiredActions": [
3230
+ "Add an encryption_spec block with kms_key_name set to a customer-managed Cloud KMS key"
3231
+ ]
3232
+ },
3233
+ {
3234
+ "ruleId": "GCP_NOTEBOOK_DISK_CMEK",
3235
+ "threat": "A Vertex AI Workbench notebook boot/data disk under Google-managed keys exposes notebook contents and credentials if the platform key boundary is breached.",
3236
+ "frameworks": [
3237
+ "CIS GCP Foundations Benchmark 4.7"
3238
+ ],
3239
+ "severity": "LOW",
3240
+ "title": "Encrypt notebook instance disks with a customer-managed key",
3241
+ "detect": {
3242
+ "target": "terraform",
3243
+ "resourceType": "google_notebooks_instance",
3244
+ "require": "kms_key\\s*="
3245
+ },
3246
+ "remediate": {
3247
+ "strategy": "set-attr",
3248
+ "ensure": {
3249
+ "disk_encryption": "\"CMEK\"",
3250
+ "kms_key": "\"google_kms_crypto_key.notebook.id\""
3251
+ }
3252
+ },
3253
+ "requiredActions": [
3254
+ "Set disk_encryption = \"CMEK\" and kms_key to a customer-managed Cloud KMS key id"
3255
+ ]
3256
+ },
3257
+ {
3258
+ "ruleId": "GCP_NOTEBOOK_NO_PROXY_ACCESS",
3259
+ "threat": "Leaving the notebook proxy access enabled exposes a public Jupyter URL; an attacker who guesses or steals the proxy URL gains an interactive code-execution session.",
3260
+ "frameworks": [
3261
+ "CIS GCP Foundations Benchmark 4.x"
3262
+ ],
3263
+ "severity": "MEDIUM",
3264
+ "title": "Disable proxy access on notebook instances",
3265
+ "detect": {
3266
+ "target": "terraform",
3267
+ "resourceType": "google_notebooks_instance",
3268
+ "require": "no_proxy_access\\s*=\\s*true"
3269
+ },
3270
+ "remediate": {
3271
+ "strategy": "set-attr",
3272
+ "ensure": {
3273
+ "no_proxy_access": "true"
3274
+ }
3275
+ },
3276
+ "requiredActions": [
3277
+ "Set no_proxy_access = true on the google_notebooks_instance"
3278
+ ]
3279
+ },
3280
+ {
3281
+ "ruleId": "GCP_ORG_POLICY_DISABLE_SA_KEY_CREATION",
3282
+ "threat": "Long-lived service account keys are the top GCP credential-theft vector; without the constraint, any project member can mint a downloadable key that never expires.",
3283
+ "frameworks": [
3284
+ "CIS GCP Foundations Benchmark 1.4"
3285
+ ],
3286
+ "severity": "HIGH",
3287
+ "title": "Enforce org policy disabling service account key creation",
3288
+ "detect": {
3289
+ "target": "terraform",
3290
+ "resourceType": "google_org_policy_policy",
3291
+ "forbid": "iam\\.disableServiceAccountKeyCreation[\\s\\S]*enforce\\s*=\\s*\"FALSE\""
3292
+ },
3293
+ "remediate": {
3294
+ "strategy": "manual",
3295
+ "snippet": "Set the boolean rule enforce = TRUE for iam.disableServiceAccountKeyCreation."
3296
+ },
3297
+ "requiredActions": [
3298
+ "Set spec.rules.enforce = TRUE for the iam.disableServiceAccountKeyCreation constraint"
3299
+ ]
3300
+ },
3301
+ {
3302
+ "ruleId": "GCP_ORG_POLICY_VM_EXTERNAL_IP_DISABLED",
3303
+ "threat": "Without the vmExternalIpAccess constraint enforced, any VM can be given a public IP, exposing it directly to internet scanning and attack.",
3304
+ "frameworks": [
3305
+ "CIS GCP Foundations Benchmark 4.9"
3306
+ ],
3307
+ "severity": "MEDIUM",
3308
+ "title": "Enforce org policy restricting VM external IP access",
3309
+ "detect": {
3310
+ "target": "terraform",
3311
+ "resourceType": "google_org_policy_policy",
3312
+ "forbid": "compute\\.vmExternalIpAccess[\\s\\S]*allow_all\\s*=\\s*true"
3313
+ },
3314
+ "remediate": {
3315
+ "strategy": "manual",
3316
+ "snippet": "Set a deny_all = true list rule for compute.vmExternalIpAccess."
3317
+ },
3318
+ "requiredActions": [
3319
+ "Set spec.rules with deny_all = true for the compute.vmExternalIpAccess list constraint"
3320
+ ]
3321
+ },
3322
+ {
3323
+ "ruleId": "GCP_ORG_POLICY_REQUIRE_OSLOGIN",
3324
+ "threat": "Without enforcing compute.requireOsLogin org-wide, projects can fall back to metadata SSH keys that bypass IAM-based access auditing.",
3325
+ "frameworks": [
3326
+ "CIS GCP Foundations Benchmark 4.4"
3327
+ ],
3328
+ "severity": "MEDIUM",
3329
+ "title": "Enforce org policy requiring OS Login",
3330
+ "detect": {
3331
+ "target": "terraform",
3332
+ "resourceType": "google_org_policy_policy",
3333
+ "forbid": "compute\\.requireOsLogin[\\s\\S]*enforce\\s*=\\s*\"FALSE\""
3334
+ },
3335
+ "remediate": {
3336
+ "strategy": "manual",
3337
+ "snippet": "Set the boolean rule enforce = TRUE for compute.requireOsLogin."
3338
+ },
3339
+ "requiredActions": [
3340
+ "Set spec.rules.enforce = TRUE for the compute.requireOsLogin constraint"
3341
+ ]
3342
+ },
3343
+ {
3344
+ "ruleId": "GCP_ORG_POLICY_SHIELDED_VM",
3345
+ "threat": "Without enforcing compute.requireShieldedVm, attackers can launch VMs lacking secure boot and vTPM, enabling rootkit persistence undetected by integrity monitoring.",
3346
+ "frameworks": [
3347
+ "CIS GCP Foundations Benchmark 4.8"
3348
+ ],
3349
+ "severity": "MEDIUM",
3350
+ "title": "Enforce org policy requiring Shielded VM",
3351
+ "detect": {
3352
+ "target": "terraform",
3353
+ "resourceType": "google_org_policy_policy",
3354
+ "forbid": "compute\\.requireShieldedVm[\\s\\S]*enforce\\s*=\\s*\"FALSE\""
3355
+ },
3356
+ "remediate": {
3357
+ "strategy": "manual",
3358
+ "snippet": "Set the boolean rule enforce = TRUE for compute.requireShieldedVm."
3359
+ },
3360
+ "requiredActions": [
3361
+ "Set spec.rules.enforce = TRUE for the compute.requireShieldedVm constraint"
3362
+ ]
3363
+ },
3364
+ {
3365
+ "ruleId": "GCP_ORG_POLICY_UNIFORM_BUCKET_ACCESS",
3366
+ "threat": "Without enforcing storage.uniformBucketLevelAccess, buckets can use legacy ACLs that grant object-level public access invisible to IAM-based policy review.",
3367
+ "frameworks": [
3368
+ "CIS GCP Foundations Benchmark 5.2"
3369
+ ],
3370
+ "severity": "MEDIUM",
3371
+ "title": "Enforce org policy requiring uniform bucket-level access",
3372
+ "detect": {
3373
+ "target": "terraform",
3374
+ "resourceType": "google_org_policy_policy",
3375
+ "forbid": "storage\\.uniformBucketLevelAccess[\\s\\S]*enforce\\s*=\\s*\"FALSE\""
3376
+ },
3377
+ "remediate": {
3378
+ "strategy": "manual",
3379
+ "snippet": "Set the boolean rule enforce = TRUE for storage.uniformBucketLevelAccess."
3380
+ },
3381
+ "requiredActions": [
3382
+ "Set spec.rules.enforce = TRUE for the storage.uniformBucketLevelAccess constraint"
3383
+ ]
3384
+ },
3385
+ {
3386
+ "ruleId": "GCP_ORG_POLICY_DISABLE_SERIAL_PORT",
3387
+ "threat": "Serial-port access offers an out-of-band console that bypasses SSH controls; without compute.disableSerialPortAccess enforced, an attacker with metadata access can open an interactive serial session.",
3388
+ "frameworks": [
3389
+ "CIS GCP Foundations Benchmark 4.5"
3390
+ ],
3391
+ "severity": "MEDIUM",
3392
+ "title": "Enforce org policy disabling serial port access",
3393
+ "detect": {
3394
+ "target": "terraform",
3395
+ "resourceType": "google_org_policy_policy",
3396
+ "forbid": "compute\\.disableSerialPortAccess[\\s\\S]*enforce\\s*=\\s*\"FALSE\""
3397
+ },
3398
+ "remediate": {
3399
+ "strategy": "manual",
3400
+ "snippet": "Set the boolean rule enforce = TRUE for compute.disableSerialPortAccess."
3401
+ },
3402
+ "requiredActions": [
3403
+ "Set spec.rules.enforce = TRUE for the compute.disableSerialPortAccess constraint"
3404
+ ]
3405
+ },
3406
+ {
3407
+ "ruleId": "GCP_ORG_POLICY_RESTRICT_VPC_PEERING",
3408
+ "threat": "Unrestricted VPC peering lets an attacker who controls another project bridge networks into yours, exposing internal services across the peering boundary.",
3409
+ "frameworks": [
3410
+ "CIS GCP Foundations Benchmark 3.x"
3411
+ ],
3412
+ "severity": "LOW",
3413
+ "title": "Enforce org policy restricting VPC peering",
3414
+ "detect": {
3415
+ "target": "terraform",
3416
+ "resourceType": "google_org_policy_policy",
3417
+ "forbid": "compute\\.restrictVpcPeering[\\s\\S]*allow_all\\s*=\\s*true"
3418
+ },
3419
+ "remediate": {
3420
+ "strategy": "manual",
3421
+ "snippet": "Replace allow_all with an allowed_values list of approved networks for compute.restrictVpcPeering."
3422
+ },
3423
+ "requiredActions": [
3424
+ "Replace allow_all = true with an explicit allowed_values list for the compute.restrictVpcPeering constraint"
3425
+ ]
3426
+ },
3427
+ {
3428
+ "ruleId": "GCP_BINARY_AUTHORIZATION_REQUIRE_ATTESTATION",
3429
+ "threat": "A Binary Authorization policy whose default rule allows all images defeats the control entirely, letting an attacker deploy unsigned malicious containers cluster-wide.",
3430
+ "frameworks": [
3431
+ "CIS GCP Foundations Benchmark 4.x"
3432
+ ],
3433
+ "severity": "HIGH",
3434
+ "title": "Require attestation in Binary Authorization default rule",
3435
+ "detect": {
3436
+ "target": "terraform",
3437
+ "resourceType": "google_binary_authorization_policy",
3438
+ "forbid": "evaluation_mode\\s*=\\s*\"ALWAYS_ALLOW\""
3439
+ },
3440
+ "remediate": {
3441
+ "strategy": "manual",
3442
+ "snippet": "Set default_admission_rule evaluation_mode = REQUIRE_ATTESTATION and enforcement_mode = ENFORCED_BLOCK_AND_AUDIT_LOG."
3443
+ },
3444
+ "requiredActions": [
3445
+ "Set the default_admission_rule evaluation_mode to REQUIRE_ATTESTATION with ENFORCED_BLOCK_AND_AUDIT_LOG enforcement"
3446
+ ]
3447
+ },
3448
+ {
3449
+ "ruleId": "GCP_DATA_FUSION_PRIVATE_INSTANCE",
3450
+ "threat": "A non-private Data Fusion instance exposes its pipeline UI and tenant project over public networking, broadening the attack surface for the data-integration plane.",
3451
+ "frameworks": [
3452
+ "CIS GCP Foundations Benchmark 3.x"
3453
+ ],
3454
+ "severity": "MEDIUM",
3455
+ "title": "Make Data Fusion instances private",
3456
+ "detect": {
3457
+ "target": "terraform",
3458
+ "resourceType": "google_data_fusion_instance",
3459
+ "require": "private_instance\\s*=\\s*true"
3460
+ },
3461
+ "remediate": {
3462
+ "strategy": "set-attr",
3463
+ "ensure": {
3464
+ "private_instance": "true"
3465
+ }
3466
+ },
3467
+ "requiredActions": [
3468
+ "Set private_instance = true and supply a network_config for private peering"
3469
+ ]
3470
+ },
3471
+ {
3472
+ "ruleId": "GCP_DATA_FUSION_STACKDRIVER_LOGGING",
3473
+ "threat": "Without Stackdriver logging enabled, Data Fusion pipeline executions leave no centralized audit trail, blinding detection of malicious or anomalous data movement.",
3474
+ "frameworks": [
3475
+ "CIS GCP Foundations Benchmark 2.x"
3476
+ ],
3477
+ "severity": "LOW",
3478
+ "title": "Enable Stackdriver logging on Data Fusion instances",
3479
+ "detect": {
3480
+ "target": "terraform",
3481
+ "resourceType": "google_data_fusion_instance",
3482
+ "require": "enable_stackdriver_logging\\s*=\\s*true"
3483
+ },
3484
+ "remediate": {
3485
+ "strategy": "set-attr",
3486
+ "ensure": {
3487
+ "enable_stackdriver_logging": "true"
3488
+ }
3489
+ },
3490
+ "requiredActions": [
3491
+ "Set enable_stackdriver_logging = true on the google_data_fusion_instance"
3492
+ ]
3493
+ },
3494
+ {
3495
+ "ruleId": "GCP_DATA_FUSION_STACKDRIVER_MONITORING",
3496
+ "threat": "Without monitoring, resource-abuse or crypto-mining workloads injected into Data Fusion go unnoticed until billing or downstream impact surfaces.",
3497
+ "frameworks": [
3498
+ "CIS GCP Foundations Benchmark 2.x"
3499
+ ],
3500
+ "severity": "LOW",
3501
+ "title": "Enable Stackdriver monitoring on Data Fusion instances",
3502
+ "detect": {
3503
+ "target": "terraform",
3504
+ "resourceType": "google_data_fusion_instance",
3505
+ "require": "enable_stackdriver_monitoring\\s*=\\s*true"
3506
+ },
3507
+ "remediate": {
3508
+ "strategy": "set-attr",
3509
+ "ensure": {
3510
+ "enable_stackdriver_monitoring": "true"
3511
+ }
3512
+ },
3513
+ "requiredActions": [
3514
+ "Set enable_stackdriver_monitoring = true on the google_data_fusion_instance"
3515
+ ]
3516
+ },
3517
+ {
3518
+ "ruleId": "GCP_COMPOSER_PRIVATE_ENVIRONMENT",
3519
+ "threat": "A Cloud Composer (Airflow) environment with a public GKE control plane and web server exposes DAG orchestration to the internet, a high-value target for code execution.",
3520
+ "frameworks": [
3521
+ "CIS GCP Foundations Benchmark 3.x"
3522
+ ],
3523
+ "severity": "MEDIUM",
3524
+ "title": "Make Cloud Composer environments private",
3525
+ "detect": {
3526
+ "target": "terraform",
3527
+ "resourceType": "google_composer_environment",
3528
+ "require": "enable_private_endpoint\\s*=\\s*true"
3529
+ },
3530
+ "remediate": {
3531
+ "strategy": "manual",
3532
+ "snippet": "Add private_environment_config with enable_private_endpoint = true."
3533
+ },
3534
+ "requiredActions": [
3535
+ "Add a config.private_environment_config block with enable_private_endpoint = true"
3536
+ ]
3537
+ },
3538
+ {
3539
+ "ruleId": "GCP_COMPOSER_CMEK",
3540
+ "threat": "A Composer environment without CMEK encrypts Airflow metadata and DAG state under Google keys, denying customer key revocation if the orchestration plane is compromised.",
3541
+ "frameworks": [
3542
+ "CIS GCP Foundations Benchmark 4.7"
3543
+ ],
3544
+ "severity": "LOW",
3545
+ "title": "Encrypt Cloud Composer environments with a customer-managed key",
3546
+ "detect": {
3547
+ "target": "terraform",
3548
+ "resourceType": "google_composer_environment",
3549
+ "require": "encryption_config\\s*\\{"
3550
+ },
3551
+ "remediate": {
3552
+ "strategy": "manual",
3553
+ "snippet": "Add config.encryption_config with kms_key_name."
3554
+ },
3555
+ "requiredActions": [
3556
+ "Add a config.encryption_config block with kms_key_name set to a customer-managed Cloud KMS key"
3557
+ ]
3558
+ },
3559
+ {
3560
+ "ruleId": "GCP_PUBSUB_SUBSCRIPTION_RETENTION",
3561
+ "threat": "Short or default message retention means an attacker who triggers redelivery or replay leaves no window for forensic recovery of the original messages.",
3562
+ "frameworks": [
3563
+ "CIS GCP Foundations Benchmark 2.x"
3564
+ ],
3565
+ "severity": "LOW",
3566
+ "title": "Set explicit message retention on Pub/Sub subscriptions",
3567
+ "detect": {
3568
+ "target": "terraform",
3569
+ "resourceType": "google_pubsub_subscription",
3570
+ "require": "message_retention_duration\\s*="
3571
+ },
3572
+ "remediate": {
3573
+ "strategy": "set-attr",
3574
+ "ensure": {
3575
+ "message_retention_duration": "\"604800s\""
3576
+ }
3577
+ },
3578
+ "requiredActions": [
3579
+ "Set message_retention_duration explicitly on the subscription"
3580
+ ]
3581
+ },
3582
+ {
3583
+ "ruleId": "GCP_ARTIFACT_REGISTRY_IAM_NOT_PUBLIC",
3584
+ "threat": "An Artifact Registry repo granted to allUsers lets anyone pull (or with write roles, poison) container images, enabling supply-chain compromise of every consumer.",
3585
+ "frameworks": [
3586
+ "CIS GCP Foundations Benchmark 5.x"
3587
+ ],
3588
+ "severity": "HIGH",
3589
+ "title": "Prevent public IAM bindings on Artifact Registry repositories",
3590
+ "detect": {
3591
+ "target": "terraform",
3592
+ "resourceType": "google_artifact_registry_repository_iam_member",
3593
+ "forbid": "allUsers|allAuthenticatedUsers"
3594
+ },
3595
+ "remediate": {
3596
+ "strategy": "manual",
3597
+ "snippet": "Remove allUsers/allAuthenticatedUsers and bind to specific principals."
3598
+ },
3599
+ "requiredActions": [
3600
+ "Remove allUsers and allAuthenticatedUsers members; grant repository access only to named principals"
3601
+ ]
3602
+ },
3603
+ {
3604
+ "ruleId": "GCP_SERVICE_ACCOUNT_IAM_NO_PUBLIC_ACTAS",
3605
+ "threat": "Granting actAs/serviceAccountUser to allUsers lets anyone impersonate the service account, inheriting all of its IAM privileges for privilege escalation.",
3606
+ "frameworks": [
3607
+ "CIS GCP Foundations Benchmark 1.x"
3608
+ ],
3609
+ "severity": "CRITICAL",
3610
+ "title": "Prevent public impersonation of service accounts",
3611
+ "detect": {
3612
+ "target": "terraform",
3613
+ "resourceType": "google_service_account_iam_member",
3614
+ "forbid": "allUsers|allAuthenticatedUsers"
3615
+ },
3616
+ "remediate": {
3617
+ "strategy": "manual",
3618
+ "snippet": "Remove allUsers/allAuthenticatedUsers from the service account IAM member."
3619
+ },
3620
+ "requiredActions": [
3621
+ "Remove allUsers and allAuthenticatedUsers from google_service_account_iam_member bindings"
3622
+ ]
3623
+ },
3624
+ {
3625
+ "ruleId": "GCP_PROJECT_AUDIT_ALL_SERVICES",
3626
+ "threat": "An audit config scoped to a single service leaves other APIs unlogged; an attacker pivots to an unaudited service to operate without leaving Data Access logs.",
3627
+ "frameworks": [
3628
+ "CIS GCP Foundations Benchmark 2.1"
3629
+ ],
3630
+ "severity": "MEDIUM",
3631
+ "title": "Apply audit logging to all services",
3632
+ "detect": {
3633
+ "target": "terraform",
3634
+ "resourceType": "google_project_iam_audit_config",
3635
+ "require": "service\\s*=\\s*\"allServices\""
3636
+ },
3637
+ "remediate": {
3638
+ "strategy": "set-attr",
3639
+ "ensure": {
3640
+ "service": "\"allServices\""
3641
+ }
3642
+ },
3643
+ "requiredActions": [
3644
+ "Set service = \"allServices\" with DATA_READ and DATA_WRITE audit_log_config entries"
3645
+ ]
3646
+ },
3647
+ {
3648
+ "ruleId": "GCP_DATASTORE_OBJECT_ACL_NO_PUBLIC",
3649
+ "threat": "A default object ACL granting allUsers makes every newly uploaded object world-readable, silently leaking data the moment it is written.",
3650
+ "frameworks": [
3651
+ "CIS GCP Foundations Benchmark 5.1"
3652
+ ],
3653
+ "severity": "HIGH",
3654
+ "title": "Prevent public default object ACLs on buckets",
3655
+ "detect": {
3656
+ "target": "terraform",
3657
+ "resourceType": "google_storage_default_object_access_control",
3658
+ "forbid": "entity\\s*=\\s*\"allUsers\"|allAuthenticatedUsers"
3659
+ },
3660
+ "remediate": {
3661
+ "strategy": "manual",
3662
+ "snippet": "Remove allUsers/allAuthenticatedUsers from the default object ACL; prefer uniform bucket-level access."
3663
+ },
3664
+ "requiredActions": [
3665
+ "Remove allUsers and allAuthenticatedUsers entities from default object ACLs and enable uniform bucket-level access"
3666
+ ]
3667
+ },
3668
+ {
3669
+ "ruleId": "GCP_SQL_LOG_DURATION",
3670
+ "threat": "Without log_duration, slow or abusive queries leave no timing trace, hindering detection of injection-driven enumeration or denial-of-service patterns.",
3671
+ "frameworks": [
3672
+ "CIS GCP Foundations Benchmark 6.2.x"
3673
+ ],
3674
+ "severity": "LOW",
3675
+ "title": "Enable statement duration logging on Cloud SQL PostgreSQL",
3676
+ "detect": {
3677
+ "target": "terraform",
3678
+ "resourceType": "google_sql_database_instance",
3679
+ "require": "name\\s*=\\s*\"log_duration\"[\\s\\S]*value\\s*=\\s*\"on\""
3680
+ },
3681
+ "remediate": {
3682
+ "strategy": "manual",
3683
+ "snippet": "Add database_flags log_duration = on."
3684
+ },
3685
+ "requiredActions": [
3686
+ "Add a database_flags entry with name = \"log_duration\" and value = \"on\""
3687
+ ]
3688
+ },
3689
+ {
3690
+ "ruleId": "GCP_COMPUTE_TARGET_SSL_PROXY_NO_SSLV3",
3691
+ "threat": "An SSL proxy whose attached policy permits TLS 1.0 lets an attacker force a downgrade to a deprecated protocol vulnerable to known cipher attacks.",
3692
+ "frameworks": [
3693
+ "CIS GCP Foundations Benchmark 3.9"
3694
+ ],
3695
+ "severity": "MEDIUM",
3696
+ "title": "Reject TLS 1.0 on SSL policies used by proxies",
3697
+ "detect": {
3698
+ "target": "terraform",
3699
+ "resourceType": "google_compute_ssl_policy",
3700
+ "forbid": "min_tls_version\\s*=\\s*\"TLS_1_1\""
3701
+ },
3702
+ "remediate": {
3703
+ "strategy": "set-attr",
3704
+ "ensure": {
3705
+ "min_tls_version": "\"TLS_1_2\""
3706
+ }
3707
+ },
3708
+ "requiredActions": [
3709
+ "Set min_tls_version to TLS_1_2 on the SSL policy"
3710
+ ]
3711
+ },
3712
+ {
3713
+ "ruleId": "GCP_COMPUTE_NETWORK_DELETE_DEFAULT_ROUTES",
3714
+ "threat": "The auto-created default internet route on a VPC permits direct egress to the internet; leaving it enables data exfiltration from instances that should be isolated.",
3715
+ "frameworks": [
3716
+ "CIS GCP Foundations Benchmark 3.x"
3717
+ ],
3718
+ "severity": "LOW",
3719
+ "title": "Delete default internet routes on isolated VPCs",
3720
+ "detect": {
3721
+ "target": "terraform",
3722
+ "resourceType": "google_compute_network",
3723
+ "require": "delete_default_routes_on_create\\s*=\\s*true"
3724
+ },
3725
+ "remediate": {
3726
+ "strategy": "set-attr",
3727
+ "ensure": {
3728
+ "delete_default_routes_on_create": "true"
3729
+ }
3730
+ },
3731
+ "requiredActions": [
3732
+ "Set delete_default_routes_on_create = true and add only the egress routes you require"
3733
+ ]
3734
+ },
3735
+ {
3736
+ "ruleId": "GCP_GKE_NODE_POOL_DEFAULTS_SECURE_BOOT",
3737
+ "threat": "Cluster node-pool defaults without Shielded VM let auto-provisioned node pools boot unverified images, enabling firmware/bootkit persistence on nodes.",
3738
+ "frameworks": [
3739
+ "CIS GCP Foundations Benchmark 7.x"
3740
+ ],
3741
+ "severity": "LOW",
3742
+ "title": "Set Shielded defaults for auto-provisioned GKE node pools",
3743
+ "detect": {
3744
+ "target": "terraform",
3745
+ "resourceType": "google_container_cluster",
3746
+ "require": "node_pool_defaults\\s*\\{"
3747
+ },
3748
+ "remediate": {
3749
+ "strategy": "manual",
3750
+ "snippet": "Add node_pool_defaults to set secure defaults for node auto-provisioning."
3751
+ },
3752
+ "requiredActions": [
3753
+ "Add a node_pool_defaults block establishing Shielded and secure node_config defaults"
3754
+ ]
3755
+ },
3756
+ {
3757
+ "ruleId": "GCP_DATAFLOW_FLEX_NO_PUBLIC_IP",
3758
+ "threat": "A Dataflow Flex Template job with public-IP workers exposes worker VMs to the internet, expanding the attack surface of the data-processing fleet.",
3759
+ "frameworks": [
3760
+ "CIS GCP Foundations Benchmark 3.x"
3761
+ ],
3762
+ "severity": "MEDIUM",
3763
+ "title": "Disable public IPs on Dataflow Flex Template workers",
3764
+ "detect": {
3765
+ "target": "terraform",
3766
+ "resourceType": "google_dataflow_flex_template_job",
3767
+ "require": "ip_configuration\\s*=\\s*\"WORKER_IP_PRIVATE\""
3768
+ },
3769
+ "remediate": {
3770
+ "strategy": "set-attr",
3771
+ "ensure": {
3772
+ "ip_configuration": "\"WORKER_IP_PRIVATE\""
3773
+ }
3774
+ },
3775
+ "requiredActions": [
3776
+ "Set ip_configuration = \"WORKER_IP_PRIVATE\" on the Flex Template job"
3777
+ ]
3778
+ },
3779
+ {
3780
+ "ruleId": "GCP_DATAFLOW_FLEX_KMS",
3781
+ "threat": "Flex Template job state under Google-managed keys cannot be cryptographically isolated, removing the customer's ability to revoke access to in-flight data.",
3782
+ "frameworks": [
3783
+ "CIS GCP Foundations Benchmark 4.7"
3784
+ ],
3785
+ "severity": "LOW",
3786
+ "title": "Encrypt Dataflow Flex Template jobs with a customer-managed key",
3787
+ "detect": {
3788
+ "target": "terraform",
3789
+ "resourceType": "google_dataflow_flex_template_job",
3790
+ "require": "kms_key_name\\s*="
3791
+ },
3792
+ "remediate": {
3793
+ "strategy": "set-attr",
3794
+ "ensure": {
3795
+ "kms_key_name": "\"google_kms_crypto_key.dataflow.id\""
3796
+ }
3797
+ },
3798
+ "requiredActions": [
3799
+ "Set kms_key_name to a customer-managed Cloud KMS crypto key id"
3800
+ ]
3801
+ },
3802
+ {
3803
+ "ruleId": "GCP_VERTEX_AI_ENDPOINT_CMEK",
3804
+ "threat": "A Vertex AI endpoint serving a model without CMEK keeps deployed model artifacts under Google keys, removing customer revocation if the serving plane is compromised.",
3805
+ "frameworks": [
3806
+ "CIS GCP Foundations Benchmark 4.7"
3807
+ ],
3808
+ "severity": "LOW",
3809
+ "title": "Encrypt Vertex AI endpoints with a customer-managed key",
3810
+ "detect": {
3811
+ "target": "terraform",
3812
+ "resourceType": "google_vertex_ai_endpoint",
3813
+ "require": "encryption_spec\\s*\\{"
3814
+ },
3815
+ "remediate": {
3816
+ "strategy": "manual",
3817
+ "snippet": "Add an encryption_spec block with kms_key_name."
3818
+ },
3819
+ "requiredActions": [
3820
+ "Add an encryption_spec block with kms_key_name set to a customer-managed Cloud KMS key"
3821
+ ]
3822
+ },
3823
+ {
3824
+ "ruleId": "GCP_REDIS_RDB_PERSISTENCE_ENCRYPTED",
3825
+ "threat": "A Redis instance without transit encryption in a non-private connect mode exposes cache contents, including session tokens, to network sniffing.",
3826
+ "frameworks": [
3827
+ "CIS GCP Foundations Benchmark 6.x"
3828
+ ],
3829
+ "severity": "MEDIUM",
3830
+ "title": "Require server-authentication transit encryption on Memorystore Redis",
3831
+ "detect": {
3832
+ "target": "terraform",
3833
+ "resourceType": "google_redis_instance",
3834
+ "forbid": "transit_encryption_mode\\s*=\\s*\"DISABLED\""
3835
+ },
3836
+ "remediate": {
3837
+ "strategy": "set-attr",
3838
+ "ensure": {
3839
+ "transit_encryption_mode": "\"SERVER_AUTHENTICATION\""
3840
+ }
3841
+ },
3842
+ "requiredActions": [
3843
+ "Set transit_encryption_mode to SERVER_AUTHENTICATION (not DISABLED)"
3844
+ ]
3845
+ },
3846
+ {
3847
+ "ruleId": "GCP_SQL_DENY_MAINTENANCE_NOT_BLOCKING_PATCH",
3848
+ "threat": "An overly broad deny-maintenance period blocks security patches indefinitely, leaving the database exposed to known CVEs an attacker can exploit.",
3849
+ "frameworks": [
3850
+ "CIS GCP Foundations Benchmark 6.x"
3851
+ ],
3852
+ "severity": "LOW",
3853
+ "title": "Avoid open-ended Cloud SQL maintenance deny periods",
3854
+ "detect": {
3855
+ "target": "terraform",
3856
+ "resourceType": "google_sql_database_instance",
3857
+ "require": "maintenance_window\\s*\\{"
3858
+ },
3859
+ "remediate": {
3860
+ "strategy": "manual",
3861
+ "snippet": "Define a maintenance_window so security patches apply on a schedule."
3862
+ },
3863
+ "requiredActions": [
3864
+ "Define a settings.maintenance_window with an update_track so patches apply regularly"
3865
+ ]
3866
+ },
3867
+ {
3868
+ "ruleId": "GCP_BIGQUERY_TABLE_NO_PUBLIC_ACCESS",
3869
+ "threat": "A BigQuery table-level IAM grant to allUsers exposes potentially sensitive rows to the entire internet for unauthenticated querying.",
3870
+ "frameworks": [
3871
+ "CIS GCP Foundations Benchmark 5.x"
3872
+ ],
3873
+ "severity": "HIGH",
3874
+ "title": "Prevent public IAM bindings on BigQuery tables",
3875
+ "detect": {
3876
+ "target": "terraform",
3877
+ "resourceType": "google_bigquery_table_iam_member",
3878
+ "forbid": "allUsers|allAuthenticatedUsers"
3879
+ },
3880
+ "remediate": {
3881
+ "strategy": "manual",
3882
+ "snippet": "Remove allUsers/allAuthenticatedUsers from the table IAM member."
3883
+ },
3884
+ "requiredActions": [
3885
+ "Remove allUsers and allAuthenticatedUsers from google_bigquery_table_iam_member bindings"
3886
+ ]
3887
+ },
3888
+ {
3889
+ "ruleId": "GCP_SECRET_MANAGER_IAM_NOT_PUBLIC",
3890
+ "threat": "A Secret Manager secret granted to allUsers exposes credentials, API keys, or tokens to anyone, an immediate full-credential compromise.",
3891
+ "frameworks": [
3892
+ "CIS GCP Foundations Benchmark 1.x"
3893
+ ],
3894
+ "severity": "CRITICAL",
3895
+ "title": "Prevent public IAM bindings on Secret Manager secrets",
3896
+ "detect": {
3897
+ "target": "terraform",
3898
+ "resourceType": "google_secret_manager_secret_iam_member",
3899
+ "forbid": "allUsers|allAuthenticatedUsers"
3900
+ },
3901
+ "remediate": {
3902
+ "strategy": "manual",
3903
+ "snippet": "Remove allUsers/allAuthenticatedUsers from the secret IAM member."
3904
+ },
3905
+ "requiredActions": [
3906
+ "Remove allUsers and allAuthenticatedUsers from google_secret_manager_secret_iam_member bindings"
3907
+ ]
3908
+ },
3909
+ {
3910
+ "ruleId": "GCP_COMPUTE_ATTACHED_DISK_CMEK_SNAPSHOT_KEY",
3911
+ "threat": "A region disk created without a customer-managed key cannot have its data access revoked independently of Google, leaving exfiltrated volumes decryptable.",
3912
+ "frameworks": [
3913
+ "CIS GCP Foundations Benchmark 4.7"
3914
+ ],
3915
+ "severity": "MEDIUM",
3916
+ "title": "Encrypt regional persistent disks with a customer-managed key",
3917
+ "detect": {
3918
+ "target": "terraform",
3919
+ "resourceType": "google_compute_region_disk",
3920
+ "require": "disk_encryption_key\\s*\\{"
3921
+ },
3922
+ "remediate": {
3923
+ "strategy": "manual",
3924
+ "snippet": "Add a disk_encryption_key block with kms_key_name."
3925
+ },
3926
+ "requiredActions": [
3927
+ "Add a disk_encryption_key block with kms_key_name set to a customer-managed Cloud KMS key"
3928
+ ]
3929
+ },
3930
+ {
3931
+ "ruleId": "GCP_COMPUTE_ROUTE_NO_DEFAULT_INTERNET_GATEWAY",
3932
+ "threat": "A custom route to the default internet gateway with a 0.0.0.0/0 destination opens unrestricted egress, enabling data exfiltration from supposedly isolated subnets.",
3933
+ "frameworks": [
3934
+ "CIS GCP Foundations Benchmark 3.x"
3935
+ ],
3936
+ "severity": "LOW",
3937
+ "title": "Avoid broad internet-gateway routes on isolated networks",
3938
+ "detect": {
3939
+ "target": "terraform",
3940
+ "resourceType": "google_compute_route",
3941
+ "forbid": "dest_range\\s*=\\s*\"0\\.0\\.0\\.0/0\"[\\s\\S]*next_hop_gateway"
3942
+ },
3943
+ "remediate": {
3944
+ "strategy": "manual",
3945
+ "snippet": "Scope dest_range to required CIDRs or route egress via a NAT/proxy instead of the default internet gateway."
3946
+ },
3947
+ "requiredActions": [
3948
+ "Replace the 0.0.0.0/0 default-internet-gateway route with narrowly scoped egress routes"
3949
+ ]
3950
+ },
3951
+ {
3952
+ "ruleId": "GCP_GKE_COST_DISABLE_INSECURE_KUBELET",
3953
+ "threat": "GKE node pools left with the legacy kubelet config defaults can expose an unauthenticated read-only port; absent an explicit kubelet_config the cluster relies on insecure defaults.",
3954
+ "frameworks": [
3955
+ "CIS GCP Foundations Benchmark 7.x"
3956
+ ],
3957
+ "severity": "LOW",
3958
+ "title": "Set an explicit kubelet configuration on GKE node pools",
3959
+ "detect": {
3960
+ "target": "terraform",
3961
+ "resourceType": "google_container_node_pool",
3962
+ "require": "kubelet_config\\s*\\{"
3963
+ },
3964
+ "remediate": {
3965
+ "strategy": "manual",
3966
+ "snippet": "Add a kubelet_config block and disable the read-only port."
3967
+ },
3968
+ "requiredActions": [
3969
+ "Add a node_config.kubelet_config block and set insecure_kubelet_readonly_port_enabled = false"
3970
+ ]
3971
+ },
3972
+ {
3973
+ "ruleId": "GCP_CLOUD_RUN_V2_NO_PUBLIC_INGRESS",
3974
+ "threat": "A Cloud Run v2 service that allows all ingress is reachable directly from the internet, bypassing any load balancer WAF and exposing the app to direct attack.",
3975
+ "frameworks": [
3976
+ "CIS GCP Foundations Benchmark 4.x"
3977
+ ],
3978
+ "severity": "MEDIUM",
3979
+ "title": "Restrict Cloud Run v2 ingress away from all traffic",
3980
+ "detect": {
3981
+ "target": "terraform",
3982
+ "resourceType": "google_cloud_run_v2_service",
3983
+ "forbid": "ingress\\s*=\\s*\"INGRESS_TRAFFIC_ALL\""
3984
+ },
3985
+ "remediate": {
3986
+ "strategy": "set-attr",
3987
+ "ensure": {
3988
+ "ingress": "\"INGRESS_TRAFFIC_INTERNAL_LOAD_BALANCER\""
3989
+ }
3990
+ },
3991
+ "requiredActions": [
3992
+ "Set ingress to INGRESS_TRAFFIC_INTERNAL_ONLY or INGRESS_TRAFFIC_INTERNAL_LOAD_BALANCER"
3993
+ ]
3994
+ },
3995
+ {
3996
+ "ruleId": "GCP_PUBSUB_SUBSCRIPTION_DEAD_LETTER",
3997
+ "threat": "Without a dead-letter topic, poison messages that crash consumers redeliver indefinitely, an availability attack vector and a blind spot for malformed-payload detection.",
3998
+ "frameworks": [
3999
+ "CIS GCP Foundations Benchmark 2.x"
4000
+ ],
4001
+ "severity": "LOW",
4002
+ "title": "Configure a dead-letter policy on Pub/Sub subscriptions",
4003
+ "detect": {
4004
+ "target": "terraform",
4005
+ "resourceType": "google_pubsub_subscription",
4006
+ "require": "dead_letter_policy\\s*\\{"
4007
+ },
4008
+ "remediate": {
4009
+ "strategy": "manual",
4010
+ "snippet": "Add a dead_letter_policy block referencing a DLQ topic."
4011
+ },
4012
+ "requiredActions": [
4013
+ "Add a dead_letter_policy block with a dead_letter_topic and max_delivery_attempts"
4014
+ ]
4015
+ },
4016
+ {
4017
+ "ruleId": "GCP_COMPUTE_FORWARDING_RULE_INTERNAL_ONLY",
4018
+ "threat": "A forwarding rule with EXTERNAL load balancing scheme publishes the backend directly to the internet; using INTERNAL keeps the service on private networking.",
4019
+ "frameworks": [
4020
+ "CIS GCP Foundations Benchmark 3.x"
4021
+ ],
4022
+ "severity": "LOW",
4023
+ "title": "Prefer internal load balancing scheme on forwarding rules",
4024
+ "detect": {
4025
+ "target": "terraform",
4026
+ "resourceType": "google_compute_forwarding_rule",
4027
+ "forbid": "load_balancing_scheme\\s*=\\s*\"EXTERNAL\""
4028
+ },
4029
+ "remediate": {
4030
+ "strategy": "manual",
4031
+ "snippet": "Use load_balancing_scheme = INTERNAL or place the EXTERNAL rule behind Cloud Armor."
4032
+ },
4033
+ "requiredActions": [
4034
+ "Set load_balancing_scheme to INTERNAL or INTERNAL_MANAGED, or attach Cloud Armor if external exposure is required"
4035
+ ]
4036
+ },
4037
+ {
4038
+ "ruleId": "GCP_BIGTABLE_TABLE_DELETION_PROTECTION",
4039
+ "threat": "A Bigtable table without deletion protection can be wiped by a compromised credential, destroying operational data with no built-in safeguard.",
4040
+ "frameworks": [
4041
+ "CIS GCP Foundations Benchmark 6.x"
4042
+ ],
4043
+ "severity": "LOW",
4044
+ "title": "Enable deletion protection on Bigtable tables",
4045
+ "detect": {
4046
+ "target": "terraform",
4047
+ "resourceType": "google_bigtable_table",
4048
+ "require": "deletion_protection\\s*=\\s*\"PROTECTED\""
4049
+ },
4050
+ "remediate": {
4051
+ "strategy": "set-attr",
4052
+ "ensure": {
4053
+ "deletion_protection": "\"PROTECTED\""
4054
+ }
4055
+ },
4056
+ "requiredActions": [
4057
+ "Set deletion_protection = \"PROTECTED\" on the google_bigtable_table"
4058
+ ]
4059
+ }
4060
+ ]
4061
+ }