Control: GCP > CIS v3.0 > 1 - Identity and Access Management > 1.18 - Ensure Secrets are Not Stored in Cloud Functions Environment Variables by Using Secret Manager
Configures auditing against a CIS Benchmark item.
Level: 1
Google Cloud Functions allow you to host serverless code that is executed when an event is triggered, without the requiring the management a host operating system. These functions can also store environment variables to be used by the code that may contain authentication or other information that needs to remain confidential.
Resource Types
This control targets the following resource types:
Policies
This control type relies on these other policies when running actions:
- GCP > CIS v3.0 > Maximum Attestation Duration
- GCP > CIS v3.0
- GCP > CIS v3.0 > 1 - Identity and Access Management > 1.18 - Ensure Secrets are Not Stored in Cloud Functions Environment Variables by Using Secret Manager
- GCP > CIS v3.0 > 1 - Identity and Access Management > 1.18 - Ensure Secrets are Not Stored in Cloud Functions Environment Variables by Using Secret Manager > Attestation
- GCP > CIS v3.0 > 1 - Identity and Access Management
- GCP > CIS v3.0 > 1 - Identity and Access Management > Maximum Attestation Duration
Category
In Your Workspace
Developers
- tmod:@turbot/gcp-cisv3-0#/control/types/r0118
- tmod:@turbot/cis#/control/categories/v071604
- turbot graphql controls --filter "controlTypeId:tmod:@turbot/gcp-cisv3-0#/control/types/r0118"
Get Controls
Control Type URI
Category URI
GraphQL
CLI