Control: GCP > CIS v1 > 4 Virtual Machines
Covers recommendations addressing Virtual Machines.
Primary Policies
The following policies can be used to configure this control:
- 4 Virtual Machines > 4.01 Ensure that instances are not configured to use the default service account with full access to all Cloud APIs (Scored)
- 4 Virtual Machines > 4.02 Ensure "Block Project-wide SSH keys" enabled for VM instances (Scored)
- 4 Virtual Machines > 4.03 Ensure oslogin is enabled for a Project (Scored)
- 4 Virtual Machines > 4.04 Ensure 'Enable connecting to serial ports' is not enabled for VM Instance (Scored)
- 4 Virtual Machines > 4.05 Ensure that IP forwarding is not enabled on Instances (Not Scored)
- 4 Virtual Machines > 4.06 Ensure VM disks for critical VMs are encrypted with Customer- Supplied Encryption Keys (CSEK) (Scored)
- 4 Virtual Machines
Category
In Your Workspace
Developers
- tmod:@turbot/gcp-cisv1#/control/types/s04
- tmod:@turbot/cis#/control/categories/cis
- turbot graphql controls --filter "controlTypeId:tmod:@turbot/gcp-cisv1#/control/types/s04"
Get Controls
Control Type URI
Category URI
GraphQL
CLI