View Categories

Understand SecPod Regional Rules in GCP

Print Friendly, PDF & Email

Interpretation of the Columns in Benchmark Compliance Rules:

Rule ID: A unique identifier for the specific security rule or check

Title: A brief description of the security issue or misconfiguration

Severity — Low to High: Determines the risk of being exposed to attacks

Service Type: The AWS service affected or evaluated by the rule

Resource Type: The specific AWS resource being audited

Rule IDTitleSeverityService TypeResource Type
CSPM-GCP-2025-0001Enable Deletion Protection for VM InstancesMediumComputeEngineVMInstances
CSPM-GCP-2025-0003Datasets Publicly AccessibleCriticalBigQueryDatasets
CSPM-GCP-2025-0006Cloud SQL Instances without Automated Backup ConfigurationMediumCloud SQLInstances
CSPM-GCP-2025-0007Cloud SQL Instances accessible from Public RangesCriticalCloud SQLInstances
CSPM-GCP-2025-0010Cloud SQL Instances not enforcing TLS/SSL client connectionsHighCloud SQLInstances
CSPM-GCP-2025-0035Block Project-Wide SSH Keys is not enabledMediumComputeEngineVMInstances
CSPM-GCP-2025-0036Serial Port Access is enabledHighComputeEngineVMInstances
CSPM-GCP-2025-0037Instances configured to use Default Service AccountHighComputeEngineVMInstances
CSPM-GCP-2025-0056Cloud Functions not enforcing HTTPS-Only AccessMediumCloud FunctionsFunctions
CSPM-GCP-2025-0058Cloud Functions Accessible by “_ARG_0_”CriticalCloud FunctionsFunctions
CSPM-GCP-2025-0075GKE Clusters with Basic Authentication enabledMediumKubernetes EngineClusters
CSPM-GCP-2025-0082GKE Clusters without Master Authorized Networks ProtectionCriticalKubernetes EngineClusters
CSPM-GCP-2025-0094GKE Clusters using Legacy Authorization ModeCriticalKubernetes EngineClusters
CSPM-GCP-2025-0103Redis Instance does not have AUTH enabledCriticalCloud MemorystoreRedisInstances
CSPM-GCP-2025-0122Confidential Computing DisabledMediumComputeEngineVMInstances
CSPM-GCP-2025-0131Dataproc Cluster VM disk encryption with customer-managed keys (gcePdKmsKeyName) Not ConfiguredHighDataprocDataprocClusters
CSPM-GCP-2025-0154GKE Clusters without gVisor Sandbox ProtectionMediumKubernetes EngineNodePools
CSPM-GCP-2025-0307Redis Cluster has Deletion Protection disabledHighCloud MemorystoreRedisClusters