GCP Knowledge Bases

1.12 Ensure API Keys Exist Only for Active Services (Automated)
Profile Applicability: Level 2 Description: API keys should only be used when other authentication methods are unavailable. Unused or inactive API keys c...
Mon, 24 Feb, 2025 at 5:56 AM
1.13 Ensure API Keys Are Restricted to Specific Hosts and Applications (Manual)
Profile Applicability: Level 2 Description: API keys should only be used in scenarios where alternative authentication methods are unavailable. Unrestric...
Wed, 19 Mar, 2025 at 2:14 AM
1.14 Ensure API Keys Are Restricted to Only APIs Required by the Application (Automated)
Profile Applicability: Level 2 Description: API keys should be limited to accessing only the APIs necessary for the application’s functionality. Unrestri...
Mon, 3 Mar, 2025 at 1:13 AM
1.15 Ensure API Keys Are Rotated Every 90 Days (Automated)
Profile Applicability: Level 2 Description: API keys should be rotated every 90 days to minimize the risk of unauthorized access. While API keys can be u...
Mon, 3 Mar, 2025 at 1:17 AM
1.16 Ensure Essential Contacts Are Configured for the Organization (Automated)
Profile Applicability: Level 1 Description: Essential Contacts allow organizations to designate specific email addresses to receive important notificatio...
Mon, 3 Mar, 2025 at 1:27 AM
2.1 Ensure Cloud Audit Logging Is Configured Properly (Automated)
Profile Applicability: Level 1 Description: It is recommended to configure Cloud Audit Logging to monitor administrative actions and access to user data....
Mon, 3 Mar, 2025 at 1:32 AM
2.2 Ensure That Sinks Are Configured for All Log Entries (Automated)
Profile Applicability: Level 1 Description: It is recommended to configure log sinks to export copies of all log entries. These sinks help aggregate logs...
Mon, 3 Mar, 2025 at 2:37 AM
2.3 Ensure Retention Policies on Cloud Storage Buckets Used for Exporting Logs Are Configured Using Bucket Lock (Automated)
Profile Applicability: Level 2 Description: It is recommended to enable retention policies and configure Bucket Lock on all Cloud Storage buckets used as...
Mon, 3 Mar, 2025 at 4:38 AM
Ensure Log Metric Filters and Alerts Are Configured for Project Ownership Assignments/Changes (Automated)
Profile Applicability: Level 1 Description: To prevent unauthorized or unnecessary assignment of project ownership and potential misuse of resources, it ...
Wed, 19 Mar, 2025 at 3:23 AM
2.5 Ensure Log Metric Filters and Alerts Exist for Audit Configuration Changes (Automated)
Profile Applicability: Level 1 Description: Google Cloud Platform (GCP) generates audit logs to record important events like "who did what, where, a...
Mon, 3 Mar, 2025 at 5:08 AM