Networking Policies

How to Use this Page

This page lists the Google Cloud Networking Policies that Bridgecrew helps you enforce. You can browse this page, or search for a specific policy ID or short title. For each policy, follow the link for more details about the policy and its fix options.

Ensure GCP Firewall rule does not allow all traffic on SSH port 22
Policy ID: BC_GCP_NETWORKING_1

Ensure GCP Firewall rule does not allow all traffic on RDP port 3389
Policy ID: BC_GCP_NETWORKING_2

Ensure GCP HTTPS load balancer is not configured with SSL policy having TLS version 1.1 or lower
Policy ID: BC_GCP_NETWORKING_3

Ensure Cloud SQL database instances are not publicly accessible
Policy ID: BC_GCP_NETWORKING_4

Ensure GCP Cloud DNS has DNSSEC enabled
Policy ID: BC_GCP_NETWORKING_5

Ensure RSASHA1 is not used for Zone-Signing and Key-Signing Keys in Cloud DNS DNSSEC
Policy ID: BC_GCP_NETWORKING_6

Ensure default network does not exist in a project
Policy ID: BC_GCP_NETWORKING_7

Ensure GCP VM instances have block project-wide SSH keys feature enabled
Policy ID: BC_GCP_NETWORKING_8

Ensure GCP projects have OS login enabled
Policy ID: BC_GCP_NETWORKING_9

Ensure project instance does not override the project setting enabling OSLogin
Policy ID: BC_GCP_NETWORKING_10

Ensure GCP VM instances do not have serial port access enabled
Policy ID: BC_GCP_NETWORKING_11

Ensure IP forwarding on instances is disabled
Policy ID: BC_GCP_NETWORKING_12

Ensure GCP project is not configured with legacy network
Policy ID: BC_GCP_NETWORKING_13