Interpretation of the Columns in Benchmark Compliance Rules:
Rule ID: A unique identifier for the specific security rule or check
Title: A brief description of the security issue or misconfiguration
Severity — Low to High: Determines the risk of being exposed to attacks
Service Type: The AWS service affected or evaluated by the rule
Resource Type: The specific AWS resource being audited
| Rule ID | Title | Severity | Service Type | Resource Type |
|---|---|---|---|---|
| CSPM-GCP-2025-0002-01 | OS Login Disabled on Compute Instances | High | ComputeEngine | VMInstances |
| CSPM-GCP-2025-0003 | Datasets Publicly Accessible | Critical | BigQuery | Datasets |
| CSPM-GCP-2025-0005 | Instance Allows Root Login from Any Host | High | Cloud SQL Global | CloudSQL Users |
| CSPM-GCP-2025-0006 | Cloud SQL Instances without Automated Backup Configuration | High | Cloud SQL | Instances |
| CSPM-GCP-2025-0010 | Cloud SQL Instances not enforcing TLS/SSL Client Connections | High | Cloud SQL | Instances |
| CSPM-GCP-2025-0018 | Log Min Duration Statement Database Flag for PostgreSQL Instance Is Not Set to -1 | High | Cloud SQL | Instances |
| CSPM-GCP-2025-0062 | Gmail/Non-Workspace Account in Use | High | IAM | Policies |
| CSPM-GCP-2025-0069 | Service Account with Admin Privileges | High | IAM | IAM |
| CSPM-GCP-2025-0105 | Log Metric Filter Doesn’t Exist for Audit Configuration Changes | High | Logging | Metrics |
| CSPM-GCP-2025-0113 | Ensure that sinks are configured for all Log Entries | High | Logging | Sinks |
| CSPM-GCP-2025-0129 | Essential Contacts Not Configured | High | Cloud Resource Manager | Contacts |
| CSPM-GCP-2025-0189 | Firewall Rule allows unrestricted SSH TCP Port 22 Access | High | Network Security | Firewalls |
| CSPM-GCP-2025-0262 | Ensure that RDP access is restricted from the internet | High | Network Security | Firewalls |
| CSPM-GCP-2025-0272 | Ensure that instances are not configured to use the Default Service Account with full Access to all Cloud APIs | High | ComputeEngine | VMInstances |
| CSPM-GCP-2025-0071 | User-Managed SA Keys | High | IAM | Keys |
| CSPM-GCP-2025-0071 | User-Managed Service Account Keys | High | IAM | Keys |
| CSPM-GCP-2025-0113 | Ensure that sinks are Configured for All Log Entries | High | Logging | Sinks |
