Interpretation of the Columns in Benchmark Compliance Rules:
Rule ID: A unique identifier for the specific security rule or check
Title: A brief description of the security issue or misconfiguration
Severity — Low to High: Determines the risk of being exposed to attacks
Service Type: The AWS service affected or evaluated by the rule
Resource Type: The specific AWS resource being audited
| Rule ID | Title | Severity | Service Type | Resource Type |
|---|---|---|---|---|
| CSPM-GCP-2025-0002-01 | OS Login Disabled on Compute Instances | High | ComputeEngine | VMInstances |
| CSPM-GCP-2025-0003 | Datasets Publicly Accessible | Critical | BigQuery | Datasets |
| CSPM-GCP-2025-0006 | Cloud SQL Instances Without Automated Backup Configuration | High | Cloud SQL | Instances |
| CSPM-GCP-2025-0010 | Cloud SQL Instances Not Enforcing TLS/SSL Client Connections | High | Cloud SQL | Instances |
| CSPM-GCP-2025-0013 | MySQL Local Infile Flag Enabled | Medium | Cloud SQL | Instances |
| CSPM-GCP-2025-0018 | Log Min Duration Statement Database Flag for PostgreSQL Instance Is not set to -1 | High | Cloud SQL | Instances |
| CSPM-GCP-2025-0035 | Block Project-Wide SSH Keys is not Enabled | High | ComputeEngine | VMInstances |
| CSPM-GCP-2025-0036 | Serial Port Access is Enabled | High | ComputeEngine | VMInstances |
| CSPM-GCP-2025-0044 | Shielded VM Disabled | Medium | ComputeEngine | VMInstances |
| CSPM-GCP-2025-0057 | Potential Secrets in Function Environment Variables (Gen 1) | Medium | Cloud Functions | Functions |
| CSPM-GCP-2025-0122 | Confidential Computing disabled | Medium | ComputeEngine | VMInstances |
| CSPM-GCP-2025-0176 | PostgreSQL PGAudit Extension not enabled | Medium | Cloud SQL | Instances |
