Control: GCP > CIS v2.0 > 4 - Virtual Machines > 4.12 - Ensure the Latest Operating System Updates Are Installed On Your Virtual Machines in All Projects
Configures auditing against a CIS Benchmark item.
Level: 2
Google Cloud Virtual Machines have the ability via an OS Config agent API to periodically (about every 10 minutes) report OS inventory data. A patch compliance API periodically reads this data, and cross references metadata to determine if the latest updates are installed.
This is not the only Patch Management solution available to your organization and you should weigh your needs before committing to using this method.
Resource Types
This control targets the following resource types:
Primary Policies
The following policies can be used to configure this control:
- 4.12 - Ensure the Latest Operating System Updates Are Installed On Your Virtual Machines in All Projects
- 4.12 - Ensure the Latest Operating System Updates Are Installed On Your Virtual Machines in All Projects > Attestation
Category
In Your Workspace
Developers
- tmod:@turbot/gcp-cisv2-0#/control/types/r0412
- tmod:@turbot/cis#/control/categories/v070202
- turbot graphql controls --filter "controlTypeId:tmod:@turbot/gcp-cisv2-0#/control/types/r0412"
Get Controls
Control Type URI
Category URI
GraphQL
CLI