Policy: GCP > DNS > Managed Zone > DNSSEC Configuration

Determine whether to check or enforce DNSSEC Configuration settings for the GCP Managed Zone.

Targets

This policy targets the following resource types:

Setting this policy configures this control:

This policy setting is used by the following policy packs:

Schema Type	`string`
Default	`Skip`
Valid Values [YAML]	`Skip` `Check: Enabled` `Check: Disabled` `Check: Transfer Enabled` `Enforce: Enabled` `Enforce: Disabled` `Enforce: Transfer Enabled`

Category URI

tmod:@turbot/turbot#/control/categories/security

Policy Type URI

tmod:@turbot/gcp-dns#/policy/types/managedZoneDnssecConfiguration

GraphQL

query policyType(id: "tmod:@turbot/gcp-dns#/policy/types/managedZoneDnssecConfiguration") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/gcp-dns#/policy/types/managedZoneDnssecConfiguration'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/gcp-dns#/policy/types/managedZoneDnssecConfiguration'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/gcp-dns#/policy/types/managedZoneDnssecConfiguration"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/gcp-dns#/policy/types/managedZoneDnssecConfiguration"