General Policies

How to Use this Page

This page lists the Google Cloud General Policies that Bridgecrew helps you enforce. You can browse this page, or search for a specific policy ID or short title. For each policy, press the link for more details about a policy and its fix options.

Ensure GCP VM disks are encrypted with CSEKs
Policy ID: BC_GCP_GENERAL_1

Ensure boot disks for instances use CSEKs
Policy ID: BC_GCP_GENERAL_2

Ensure compute instances launch with shielded VM enabled
Policy ID: BC_GCP_GENERAL_3

Ensure GCP KMS encryption key is rotating every 90 days
Policy ID: BC_GCP_GENERAL_4

Ensure incoming connections to Cloud SQL database instances use SSL
Policy ID: BC_GCP_GENERAL_5

Ensure Cloud SQL database instances have backup configuration enabled
Policy ID: BC_GCP_GENERAL_6

Ensure GCP BigQuery dataset is not publicly accessible
Policy ID: BC_GCP_GENERAL_7

Ensure there are only GCP-managed service account keys for each service account
Policy ID: BC_GCP_GENERAL_8

Ensure Cloud KMS cryptokeys are not anonymously or publicly accessible
Policy ID: BC_GCP_GENERAL_9

Ensure GCP resources that support labels have Labels
Policy ID: BC_GCP_GENERAL_10