Developer Tools
Snyk Learn
Snyk Advisor
Code Checker
About Snyk
Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All service groups
Expand this section
AWS
Expand this section
Azure
Expand this section
Google
All Google service groups
App Engine
Artifact Registry
BigQuery
Cloud DNS
Cloud Functions
Cloud KMS
Cloud Platform
Cloud SQL
Cloud Storage
Compute Engine
Compute
Container
Dataflow
Dataproc
Filestore
IAM
Kubernetes (Container) Engine
Monitor
Network
Redis
Secrets Manager
Storage
Expand this section
Kubernetes
Report a new vulnerability
RULE
SERVICE GROUP
M
Hadoop Secure Mode/Kerberos is not enabled
Dataproc
M
IAM default audit log config does not include 'DATA_READ' and 'DATA_WRITE' log types
IAM
M
IAM default audit log config should not exempt any users
Monitor
M
IAM permission assigned to user
IAM
M
IAM user has privileged roles at project level
IAM
M
IAM users should not have both KMS admin and any of the KMS encrypter/decrypter roles.
IAM
M
IP forwarding enabled on the instance template
Compute
M
IP forwarding is enabled
Compute Engine
M
IP forwarding is enabled on the instance
Compute Engine
M
KMS keys are not automatically rotated
Cloud KMS
M
Kubernetes Cluster is not VPC-Native.
Kubernetes (Container) Engine
M
Legacy ABAC is enabled
Kubernetes (Container) Engine
M
Logging is not enabled on storage bucket
Cloud Storage
M
Logging metric filter and alert for audit configuration changes are not configured
Monitor
M
Logging metric filter and alert for custom role changes are not configured
IAM
M
Logging metric filter and alert for network changes should be configured
Cloud Platform
M
Logging metric filter and alert for network firewall rule changes should be configured
Cloud Platform
M
Logging metric filter and alert for network route changes should be configured
Cloud Platform
M
Logging metric filter and alert for project ownership assignments/changes should be configured
Monitor
M
Logging metric filter and alert for SQL instance configuration are not configured
Cloud SQL
M
Logging metric filter and alert for Storage IAM permission changes should be configured
Cloud Storage
M
Logging storage bucket retention policies and Bucket Lock are not configured
Cloud Storage
M
Logging storage bucket retention policies and Bucket Lock should be configured
Storage
M
Master authorized networks feature is disabled
Cloud Storage
M
Memory store (Redis) does not use Standard Tier for High Availability
Redis
M
MySQL allows loading local data
Cloud SQL
M
Object versioning is not enabled
Cloud Storage
M
OS Login is disabled
Compute Engine
M
Packet mirroring resource in use
Compute Engine
M
PostgreSQL 'log_min_error_statement' database flag is not set appropriately
Cloud SQL
Previous
Next