Cloud Security Rules

RULE	SERVICE GROUP
M Policy sets insecure default privilege escalation control	Pod Security Policy
M Policy sets insecure default seccomp profile	Pod Security Policy
M PostgreSQL 'log_min_error_statement' database flag is not set appropriately	Cloud SQL
M PostgreSQL 'log_min_messages' database flag is not set appropriately	Cloud SQL
M PostgreSQL database 'connection_throttling' setting is disabled	Database
M PostgreSQL database 'log_retention_days' is set to less than 3 days	Database
M PostgreSQL Database configuration 'log_checkpoints' is disabled	Database
M PostgreSQL firewall rule allows public access	Database
M PostgreSQL server 'log_connections' setting is disabled	Database
M PostgreSQL server 'log_disconnections' setting is disabled	Database
M PostgreSQL server 'log_duration' setting is not configured	Database
M PostgreSQL server does not have minimum TLS version set to 1.2	Database
M Potentially sensitive variable in task definition	ECS
M Project-wide SSH keys are allowed	Compute Engine
M Public IP is assigned to compute instance	Compute Engine
M Public IP is assigned to SQL database instance	Cloud SQL
M Public IPs are automatically mapped to instances	VPC
M QLDB ledger permissions is set to ALLOW_ALL mode	QLDB
M RDS Aurora cluster multi-AZ is not enabled	RDS
M RDS automatic backup is disabled	RDS
M RDS cluster is not using encrypted storage	RDS
M RDS DB cluster parameter group configured with TLS Version below 1.2	RDS
M RDS global cluster encryption is disabled	RDS
M RDS IAM authentication is disabled	RDS
M RDS instance 'Deletion Protection' is not enabled	RDS
M RDS instance does not have FedRAMP approved database engine	RDS
M RDS instance is not using encrypted storage	RDS
M Redis cache backup is disabled	Redis
M Redis cache does not have minimum TLS version set to 1.2	Redis
M Redis cache is accessible without authentication	Redis

Previous Next

AWS

Azure

Google

Kubernetes