GCP Knowledge Bases
Profile Applicability: Level 2 Description: Identity-Aware Proxy (IAP) authenticates user requests to applications using Google Single Sign-On (SSO). You...
Wed, 12 Feb, 2025 at 11:15 AM
Profile Applicability: Level 1 Description: Instances should not use the default Compute Engine service account as it has broad permissions with the Edit...
Wed, 12 Feb, 2025 at 11:20 AM
Profile Applicability: Level 1 Description: Instances should not be configured to use the default Compute Engine service account with the scope set to &q...
Wed, 12 Feb, 2025 at 11:26 AM
Profile Applicability: Level 1 Description: Enabling Block Project-Wide SSH Keys for VM instances ensures that only instance-specific SSH keys are used f...
Wed, 12 Feb, 2025 at 11:33 AM
Profile Applicability: Level 1 Description: OS Login binds SSH certificates to IAM users, enabling centralized and automated SSH key management, which si...
Wed, 12 Feb, 2025 at 11:38 AM
Profile Applicability: Level 1 Description: The serial console allows text-based interaction with a virtual machine (VM) instance. However, enabling seri...
Wed, 12 Feb, 2025 at 11:42 AM
Profile Applicability: Level 1 Description: Google Compute Engine instances are restricted from forwarding packets unless the source and destination IP a...
Wed, 12 Feb, 2025 at 11:46 AM
Profile Applicability: Level 2 Description: Google Cloud enables customers to encrypt VM disks using Customer-Supplied Encryption Keys (CSEK). These keys...
Wed, 12 Feb, 2025 at 11:52 AM
Profile Applicability: Level 2 Description: Shielded VM is a hardened virtual machine configuration on Google Cloud that defends against rootkits and boo...
Wed, 12 Feb, 2025 at 12:03 PM
Profile Applicability: Level 2 Description: Compute instances should not have external (public) IP addresses to reduce exposure to the internet. Instead,...
Wed, 12 Feb, 2025 at 12:06 PM