Ensure GCP Google compute firewall ingress does not allow unrestricted FTP access

Error: GCP Firewall rule allows all traffic on FTP port (21)
Bridgecrew Policy ID: BC_GCP_NETWORKING_19
Checkov Check ID: CKV_GCP_75
Severity: LOW

GCP Firewall rule allows all traffic on FTP port (21)

Description

Fix - Runtime

Fix - Buildtime

Terraform

# pass

resource "google_compute_firewall" "restricted" {
  name    = "example"
  network = "google_compute_network.vpc.name"

  allow {
    protocol = "tcp"
    ports    = ["21"]
  }

  source_ranges = ["172.1.2.3/32"]
  target_tags   = ["ftp"]
}