AC_GCP_0201 | Ensure Redis (TCP:6379) is not exposed to entire internet for Google Compute Firewall | GCP | Infrastructure Security | HIGH |
AC_GCP_0202 | Ensure Oracle DB (UDP:2483) is not exposed to more than 32 private hosts for Google Compute Firewall | GCP | Infrastructure Security | LOW |
AC_GCP_0203 | Ensure Oracle DB (UDP:2483) is not exposed to public for Google Compute Firewall | GCP | Infrastructure Security | MEDIUM |
AC_GCP_0204 | Ensure Oracle DB (UDP:2483) is not exposed to entire internet for Google Compute Firewall | GCP | Infrastructure Security | HIGH |
AC_GCP_0205 | Ensure Oracle DB (TCP:2483) is not exposed to more than 32 private hosts for Google Compute Firewall | GCP | Infrastructure Security | LOW |
AC_GCP_0206 | Ensure Oracle DB (TCP:2483) is not exposed to public for Google Compute Firewall | GCP | Infrastructure Security | MEDIUM |
AC_GCP_0207 | Ensure Oracle DB (TCP:2483) is not exposed to entire internet for Google Compute Firewall | GCP | Infrastructure Security | HIGH |
AC_GCP_0208 | Ensure Oracle DB (TCP:1521) is not exposed to more than 32 private hosts for Google Compute Firewall | GCP | Infrastructure Security | LOW |
AC_GCP_0209 | Ensure Oracle DB (TCP:1521) is not exposed to public for Google Compute Firewall | GCP | Infrastructure Security | MEDIUM |
AC_GCP_0210 | Ensure Oracle DB (TCP:1521) is not exposed to entire internet for Google Compute Firewall | GCP | Infrastructure Security | HIGH |
AC_GCP_0211 | Ensure LDAP (UDP:389) is not exposed to more than 32 private hosts for Google Compute Firewall | GCP | Infrastructure Security | LOW |
AC_GCP_0212 | Ensure LDAP (UDP:389) is not exposed to public for Google Compute Firewall | GCP | Infrastructure Security | MEDIUM |
AC_GCP_0213 | Ensure LDAP (UDP:389) is not exposed to entire internet for Google Compute Firewall | GCP | Infrastructure Security | HIGH |
AC_GCP_0214 | Ensure LDAP (TCP:389) is not exposed to more than 32 private hosts for Google Compute Firewall | GCP | Infrastructure Security | LOW |
AC_GCP_0215 | Ensure LDAP (TCP:389) is not exposed to public for Google Compute Firewall | GCP | Infrastructure Security | MEDIUM |
AC_GCP_0216 | Ensure LDAP (TCP:389) is not exposed to entire internet for Google Compute Firewall | GCP | Infrastructure Security | HIGH |
AC_GCP_0217 | Ensure CiscoSecure, Websm (TCP:9090) is not exposed to more than 32 private hosts for Google Compute Firewall | GCP | Infrastructure Security | LOW |
AC_GCP_0218 | Ensure CiscoSecure, Websm (TCP:9090) is not exposed to public for Google Compute Firewall | GCP | Infrastructure Security | MEDIUM |
AC_GCP_0219 | Ensure CiscoSecure, Websm (TCP:9090) is not exposed to entire internet for Google Compute Firewall | GCP | Infrastructure Security | HIGH |
AC_GCP_0220 | Ensure Hadoop Name Node (TCP:9000) is not exposed to more than 32 private hosts for Google Compute Firewall | GCP | Infrastructure Security | LOW |
AC_GCP_0221 | Ensure Hadoop Name Node (TCP:9000) is not exposed to public for Google Compute Firewall | GCP | Infrastructure Security | MEDIUM |
AC_GCP_0222 | Ensure Hadoop Name Node (TCP:9000) is not exposed to entire internet for Google Compute Firewall | GCP | Infrastructure Security | HIGH |
AC_GCP_0223 | Ensure Remote Desktop (TCP:3389) is not exposed to more than 32 private hosts for Google Compute Firewall | GCP | Infrastructure Security | LOW |
AC_GCP_0224 | Ensure Remote Desktop (TCP:3389) is not exposed to public for Google Compute Firewall | GCP | Infrastructure Security | MEDIUM |
AC_GCP_0225 | Ensure 'Skip_show_database' Database Flag for Cloud SQL MySQL Instance Is Set to 'On' | GCP | Compliance Validation | LOW |
AC_GCP_0226 | Ensure FTP (TCP:20) is not exposed to more than 32 private hosts for Google Compute Firewall | GCP | Infrastructure Security | LOW |
AC_GCP_0227 | Ensure FTP (TCP:20) is not exposed to public for Google Compute Firewall | GCP | Infrastructure Security | MEDIUM |
AC_GCP_0228 | Ensure FTP (TCP:20) is not exposed to entire internet for Google Compute Firewall | GCP | Infrastructure Security | HIGH |
AC_GCP_0229 | Ensure VM Disks for Critical VMs Are Encrypted With Customer-Supplied Encryption Keys (CSEK) | GCP | Data Protection | MEDIUM |
AC_GCP_0230 | Ensure That BigQuery Datasets Are Not Anonymously or Publicly Accessible | GCP | Identity and Access Management | HIGH |
AC_GCP_0231 | Enable VPC Flow Logs and Intranode Visibility | GCP | Infrastructure Security | MEDIUM |
AC_GCP_0232 | Ensure That IP Forwarding Is Not Enabled on Instances | GCP | Infrastructure Security | MEDIUM |
AC_GCP_0233 | Ensure logging is enabled for Google Cloud Storage Buckets | GCP | Logging and Monitoring | LOW |
AC_GCP_0234 | Ensure That Cloud Storage Buckets Have Uniform Bucket-Level Access Enabled | GCP | Identity and Access Management | LOW |
AC_GCP_0235 | Ensure encryption is enabled for Google Cloud Storage Buckets | GCP | Infrastructure Security | MEDIUM |
AC_GCP_0236 | Ensure that Cloud Storage bucket is not anonymously or publicly accessible - google_storage_bucket_access_control | GCP | Infrastructure Security | MEDIUM |
AC_GCP_0237 | Ensure that Cloud Storage bucket is not anonymously or publicly accessible - google_storage_bucket_iam_binding | GCP | Identity and Access Management | MEDIUM |
AC_GCP_0238 | Ensure That Cloud Storage Bucket Is Not Anonymously or Publicly Accessible - google_storage_bucket_iam_member | GCP | Identity and Access Management | HIGH |
AC_GCP_0239 | Ensure That Service Account Has No Admin Privileges - google_storage_bucket_iam_member | GCP | Identity and Access Management | HIGH |
AC_GCP_0240 | Ensure That Separation of Duties Is Enforced While Assigning Service Account Related Roles to Users | GCP | Identity and Access Management | LOW |
AC_GCP_0241 | Ensure object versioning is enabled on Google Cloud Storage Buckets | GCP | Logging and Monitoring | LOW |
AC_GCP_0242 | Ensure default service account is not used for project access in Google Container Cluster | GCP | Security Best Practices | HIGH |
AC_GCP_0243 | Ensure application-layer secrets are encrypted for Google Container Cluster | GCP | Infrastructure Security | MEDIUM |
AC_GCP_0244 | Ensure HTTP load balancing is enabled for Google Container Cluster | GCP | Resilience | MEDIUM |
AC_GCP_0245 | Ensure IAM roles do not impersonate or manage service accounts through Google Folder IAM Binding | GCP | Identity and Access Management | LOW |
AC_GCP_0246 | Ensure folder level default service account is not configured in Google Folder IAM Binding | GCP | Identity and Access Management | LOW |
AC_GCP_0247 | Ensure IAM roles do not impersonate or manage service accounts used at organization level for Google Cloud | GCP | Identity and Access Management | HIGH |
AC_GCP_0248 | Ensure default service account is not used at organization level for Google Cloud | GCP | Identity and Access Management | HIGH |
AC_GCP_0249 | Ensure That Cloud SQL Database Instances Do Not Have Public IPs | GCP | Compliance Validation | MEDIUM |
AC_GCP_0250 | Ensure That the 'Local_infile' Database Flag for a Cloud SQL MySQL Instance Is Set to 'Off' | GCP | Compliance Validation | LOW |