View Categories

Understand SecPod Default Rules in GCP

Print Friendly, PDF & Email

Interpretation of the Columns in Benchmark Compliance Rules:

Rule ID: A unique identifier for the specific security rule or check

Title: A brief description of the security issue or misconfiguration

Severity — Low to High: Determines the risk of being exposed to attacks

Service Type: The AWS service affected or evaluated by the rule

Resource Type: The specific AWS resource being audited

Rule IDTitleSeverityService TypeResource Type
CSPM-GCP-2025-0001Enable Deletion Protection for VM InstancesHighComputeEngineVMInstances
CSPM-GCP-2025-0002-01OS Login Disabled on Compute InstancesMediumComputeEngineVMInstances
CSPM-GCP-2025-0002-02OS Login Disabled on Project MetadataMediumComputeEngineGlobalVMInstances
CSPM-GCP-2025-0003Datasets Publicly AccessibleCriticalBigQueryDatasets
CSPM-GCP-2025-0004Dataset Not Encrypted with CMKsMediumBigQueryDatasets
CSPM-GCP-2025-0005Instance Allows Root Login from Any HostCriticalCloud SQL GlobalCloudSQL Users
CSPM-GCP-2025-0006Cloud SQL Missing Automated BackupMediumCloud SQLInstances
CSPM-GCP-2025-0007Cloud SQL Accessible from Public RangesCriticalCloud SQLInstances
CSPM-GCP-2025-0008Cloud SQL Public Internet AccessCriticalCloud SQLInstances
CSPM-GCP-2025-0010Cloud SQL Not Enforcing TLS/SSLHighCloud SQLInstances
CSPM-GCP-2025-0011Missing Backup ProtectionHighCloud SQLInstances
CSPM-GCP-2025-0012Cloud SQL Public Internet AccessCriticalCloud SQLInstances
CSPM-GCP-2025-0013MySQL Local Infile EnabledHighCloud SQLInstances
CSPM-GCP-2025-0015PostgreSQL Log Connections OffMediumCloud SQLInstances
CSPM-GCP-2025-0018Log Min Duration Statement Not SetMediumCloud SQLInstances
CSPM-GCP-2025-0020SQL Server Remote Access EnabledHighCloud SQLInstances
CSPM-GCP-2025-0021Contained DB Authentication EnabledHighCloud SQLInstances
CSPM-GCP-2025-0022Cross DB Ownership Chaining EnabledHighCloud SQLInstances
CSPM-GCP-2025-0023Storage Bucket Public AccessCriticalCloud Storage GlobalBucketPolicy
CSPM-GCP-2025-0027Uniform Bucket Access DisabledHighCloud StorageBuckets
CSPM-GCP-2025-0028Insecure Default Firewall RulesHighNetwork SecurityFirewalls
CSPM-GCP-2025-0029Firewall Allows All PortsCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0030Unrestricted DNS Firewall AccessHighNetwork SecurityFirewalls
CSPM-GCP-2025-0031Unrestricted FTP Firewall AccessHighNetwork SecurityFirewalls
CSPM-GCP-2025-0035Project-wide SSH Keys EnabledHighComputeEngineVMInstances
CSPM-GCP-2025-0036Serial Port Access EnabledHighComputeEngineVMInstances
CSPM-GCP-2025-0037Default Service Account UsedHighComputeEngineVMInstances
CSPM-GCP-2025-0041IP Forwarding EnabledMediumComputeEngineVMInstances
CSPM-GCP-2025-0044Shielded VM DisabledHighComputeEngineVMInstances
CSPM-GCP-2025-0056Cloud Functions HTTP AccessMediumCloud FunctionsFunctions
CSPM-GCP-2025-0058Cloud Function Public AccessCriticalCloud FunctionsFunctions
CSPM-GCP-2025-0062Non-Workspace Account in UseMediumIAMPolicies
CSPM-GCP-2025-0063Service Account Keys Not RotatedHighIAMKeys
CSPM-GCP-2025-0069Service Account Admin PrivilegesCriticalIAMIAM
CSPM-GCP-2025-0071User-Managed SA KeysCriticalIAMKeys
CSPM-GCP-2025-0073KMS Keys Publicly AccessibleCriticalCloud KMS GlobalPolicies
CSPM-GCP-2025-0074KMS Rotation MissingMediumCloud KMSKeys
CSPM-GCP-2025-0075GKE Basic Auth EnabledHighKubernetes EngineClusters
CSPM-GCP-2025-0082Missing Master Authorized NetworksHighKubernetes EngineClusters
CSPM-GCP-2025-0094GKE Legacy Authorization EnabledHighKubernetes EngineClusters
CSPM-GCP-2025-0103Redis AUTH DisabledHighCloud MemorystoreRedisInstances
CSPM-GCP-2025-0105Missing Log Metric (Audit Changes)HighLoggingMetrics
CSPM-GCP-2025-0128Privileged SA Roles AssignedCriticalIAMIAM
CSPM-GCP-2025-0130Cloud Storage Public BucketCriticalCloud Storage GlobalBucketPolicy
CSPM-GCP-2025-0189Unrestricted SSH Port 22CriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0262Unrestricted RDPCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0275Unrestricted Egress All PortsCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0282Kubernetes API Server ExposedCriticalNetwork SecurityFirewalls
CSPM-GCP-2025-0113Ensure that sinks are configured for all Log EntriesMediumLoggingSinks
CSPM-GCP-2025-0114Alerts doesn’t exist for audit configuration changesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0115Alerts doesn’t exist for cloud storage IAM permission changesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0116Alerts doesn’t exist for Custom Role ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0117Alerts doesn’t exist for project ownership assignments/changesHighMonitoringAlertPolicies
CSPM-GCP-2025-0118Alerts doesn’t exist for SQL Instance Configuration ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0119Alerts don’t exist for VPC Network ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0120Alerts don’t exist for VPC Network Firewall Rule ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0121Alerts don’t exist for VPC Network Route ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0071User-Managed Service Account KeysCriticalIAMKeys
CSPM-GCP-2025-0114Alerts doesn’t exist for Audit Configuration changesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0113Ensure that sinks are Configured for All Log EntriesMediumLoggingSinks
CSPM-GCP-2025-0115Alerts doesn’t exist for Cloud Storage IAM Permission ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0116Alerts doesn’t exist for Custom Role changesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0117Alerts don’t exist for Project Ownership Assignments/ChangesHighMonitoringAlertPolicies
CSPM-GCP-2025-0118Alerts don’t exist for SQL Instance Configuration ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0119Alerts Don’t exist for VPC Network ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0120Alerts don’t exist for VPC Network Firewall Rule ChangesMediumMonitoringAlertPolicies
CSPM-GCP-2025-0121Alerts don’t exist for VPC Network Route ChangesMediumMonitoringAlertPolicies