Turbot Guardrails Hub 
Hub
  • Mods
  • Policy Packs
  • Docs
  • Home
ModsPolicy PacksDocsHome
Mods
GCP
Loading resources...

Resource Type: GCP > Project

The Project resource type acts as a container for various GCP resources, such as virtual machines, databases, and storage, allowing users to organize, manage, and track billing and permissions for all associated resources within the project.

Resource Types

The Project service includes these resource types:

  • Policy

Controls

The primary controls for GCP > Project are:

  • API Enabled Prevention
  • CMDB
  • Discovery
  • Intelligent Assessment
  • Labels
  • Organization Policy
  • Resource AKA Cleanup
  • Service APIs
  • ServiceNow
  • Stack
  • Stack [Native]

It is also targeted by these controls:

  • GCP > App Engine > Application > Discovery
  • GCP > App Engine > Discovery
  • GCP > BigQuery > Dataset > Discovery
  • GCP > BigQuery > Dataset > Usage
  • GCP > BigQuery > Discovery
  • GCP > BigQuery > Table > Usage
  • GCP > BigQuery Data Transfer > Discovery
  • GCP > Bigtable > Discovery
  • GCP > Bigtable > Instance > Discovery
  • GCP > Bigtable > Instance > Usage
  • GCP > Bigtable > Table > Usage
  • GCP > Build > Discovery
  • GCP > CIS v1 > 1 Identity and Access Management > 1.02 Ensure that multi-factor authentication is enabled for all non-service accounts (Not Scored)
  • GCP > CIS v1 > 1 Identity and Access Management > 1.10 Ensure API keys are not created for a project (Not Scored)
  • GCP > CIS v1 > 1 Identity and Access Management > 1.11 Ensure API keys are restricted to use by only specified Hosts and Apps (Not Scored)
  • GCP > CIS v1 > 1 Identity and Access Management > 1.12 Ensure API keys are restricted to only APIs that application needs access (Not Scored)
  • GCP > CIS v1 > 1 Identity and Access Management > 1.13 Ensure API keys are rotated every 90 days (Scored)
  • GCP > CIS v1 > 2 Logging and Monitoring > 2.02 Ensure that sinks are configured for all Log entries (Scored)
  • GCP > CIS v1 > 2 Logging and Monitoring > 2.03 Ensure that object versioning is enabled on log-buckets (Scored)
  • GCP > CIS v1 > 2 Logging and Monitoring > 2.04 Ensure log metric filter and alerts exists for Project Ownership assignments/changes (Scored)
  • GCP > CIS v1 > 2 Logging and Monitoring > 2.10 Ensure log metric filter and alerts exists for Cloud Storage IAM permission changes (Scored)
  • GCP > CIS v1 > 2 Logging and Monitoring > 2.11 Ensure log metric filter and alerts exists for SQL instance configuration changes (Scored)
  • GCP > CIS v1 > 3 Networking > 3.02 Ensure legacy networks does not exists for a project (Scored)
  • GCP > CIS v2.0 > 1 - Identity and Access Management > 1.02 - Ensure that Multi-Factor Authentication is 'Enabled' for All Non-Service Accounts
  • GCP > CIS v2.0 > 1 - Identity and Access Management > 1.03 - Ensure that Security Key Enforcement is Enabled for All Admin Accounts
  • GCP > CIS v2.0 > 1 - Identity and Access Management > 1.12 - Ensure API Keys Only Exist for Active Services
  • GCP > CIS v2.0 > 1 - Identity and Access Management > 1.16 - Ensure Essential Contacts is Configured for Organization
  • GCP > CIS v2.0 > 2 - Logging and Monitoring > 2.02 - Ensure That Sinks Are Configured for All Log Entries
  • GCP > CIS v2.0 > 2 - Logging and Monitoring > 2.04 - Ensure Log Metric Filter and Alerts Exist for Project Ownership Assignments/Changes
  • GCP > CIS v2.0 > 2 - Logging and Monitoring > 2.05 - Ensure That the Log Metric Filter and Alerts Exist for Audit Configuration Changes
  • GCP > CIS v2.0 > 2 - Logging and Monitoring > 2.06 - Ensure That the Log Metric Filter and Alerts Exist for Custom Role Changes
  • GCP > CIS v2.0 > 2 - Logging and Monitoring > 2.07 - Ensure That the Log Metric Filter and Alerts Exist for VPC Network Firewall Rule Changes
  • GCP > CIS v2.0 > 2 - Logging and Monitoring > 2.08 - Ensure That the Log Metric Filter and Alerts Exist for VPC Network Route Changes
  • GCP > CIS v2.0 > 2 - Logging and Monitoring > 2.09 - Ensure That the Log Metric Filter and Alerts Exist for VPC Network Changes
  • GCP > CIS v2.0 > 2 - Logging and Monitoring > 2.10 - Ensure That the Log Metric Filter and Alerts Exist for Cloud Storage IAM Permission Changes
  • GCP > CIS v2.0 > 2 - Logging and Monitoring > 2.11 - Ensure That the Log Metric Filter and Alerts Exist for SQL Instance Configuration Changes
  • GCP > CIS v2.0 > 2 - Logging and Monitoring > 2.13 - Ensure Cloud Asset Inventory Is Enabled
  • GCP > CIS v2.0 > 2 - Logging and Monitoring > 2.14 - Ensure 'Access Transparency' is 'Enabled'
  • GCP > CIS v2.0 > 2 - Logging and Monitoring > 2.15 - Ensure 'Access Approval' is 'Enabled'
  • GCP > CIS v2.0 > 3 - Networking > 3.02 - Ensure Legacy Networks Do Not Exist for Older Projects
  • GCP > CIS v3.0 > 1 - Identity and Access Management > 1.02 - Ensure that Multi-Factor Authentication is 'Enabled' for All Non-Service Accounts
  • GCP > CIS v3.0 > 1 - Identity and Access Management > 1.03 - Ensure that Security Key Enforcement is Enabled for All Admin Accounts
  • GCP > CIS v3.0 > 1 - Identity and Access Management > 1.12 - Ensure API Keys Only Exist for Active Services
  • GCP > CIS v3.0 > 1 - Identity and Access Management > 1.16 - Ensure Essential Contacts is Configured for Organization
  • GCP > CIS v3.0 > 2 - Logging and Monitoring > 2.02 - Ensure That Sinks Are Configured for All Log Entries
  • GCP > CIS v3.0 > 2 - Logging and Monitoring > 2.04 - Ensure Log Metric Filter and Alerts Exist for Project Ownership Assignments/Changes
  • GCP > CIS v3.0 > 2 - Logging and Monitoring > 2.05 - Ensure That the Log Metric Filter and Alerts Exist for Audit Configuration Changes
  • GCP > CIS v3.0 > 2 - Logging and Monitoring > 2.06 - Ensure That the Log Metric Filter and Alerts Exist for Custom Role Changes
  • GCP > CIS v3.0 > 2 - Logging and Monitoring > 2.07 - Ensure That the Log Metric Filter and Alerts Exist for VPC Network Firewall Rule Changes
  • GCP > CIS v3.0 > 2 - Logging and Monitoring > 2.08 - Ensure That the Log Metric Filter and Alerts Exist for VPC Network Route Changes
  • GCP > CIS v3.0 > 2 - Logging and Monitoring > 2.09 - Ensure That the Log Metric Filter and Alerts Exist for VPC Network Changes
  • GCP > CIS v3.0 > 2 - Logging and Monitoring > 2.10 - Ensure That the Log Metric Filter and Alerts Exist for Cloud Storage IAM Permission Changes
  • GCP > CIS v3.0 > 2 - Logging and Monitoring > 2.11 - Ensure That the Log Metric Filter and Alerts Exist for SQL Instance Configuration Changes
  • GCP > CIS v3.0 > 2 - Logging and Monitoring > 2.13 - Ensure Cloud Asset Inventory Is Enabled
  • GCP > CIS v3.0 > 2 - Logging and Monitoring > 2.14 - Ensure 'Access Transparency' is 'Enabled'
  • GCP > CIS v3.0 > 2 - Logging and Monitoring > 2.15 - Ensure 'Access Approval' is 'Enabled'
  • GCP > CIS v3.0 > 3 - Networking > 3.02 - Ensure Legacy Networks Do Not Exist for Older Projects
  • GCP > CIS v4.0 > 1 - Identity and Access Management > 1.02 - Ensure that Multi-Factor Authentication is 'Enabled' for All Non-Service Accounts
  • GCP > CIS v4.0 > 1 - Identity and Access Management > 1.03 - Ensure that Security Key Enforcement is Enabled for All Admin Accounts
  • GCP > CIS v4.0 > 1 - Identity and Access Management > 1.12 - Ensure API Keys Only Exist for Active Services
  • GCP > CIS v4.0 > 1 - Identity and Access Management > 1.16 - Ensure Essential Contacts is Configured for Organization
  • GCP > CIS v4.0 > 2 - Logging and Monitoring > 2.02 - Ensure That Sinks Are Configured for All Log Entries
  • GCP > CIS v4.0 > 2 - Logging and Monitoring > 2.04 - Ensure Log Metric Filter and Alerts Exist for Project Ownership Assignments/Changes
  • GCP > CIS v4.0 > 2 - Logging and Monitoring > 2.05 - Ensure That the Log Metric Filter and Alerts Exist for Audit Configuration Changes
  • GCP > CIS v4.0 > 2 - Logging and Monitoring > 2.06 - Ensure That the Log Metric Filter and Alerts Exist for Custom Role Changes
  • GCP > CIS v4.0 > 2 - Logging and Monitoring > 2.07 - Ensure That the Log Metric Filter and Alerts Exist for VPC Network Firewall Rule Changes
  • GCP > CIS v4.0 > 2 - Logging and Monitoring > 2.08 - Ensure That the Log Metric Filter and Alerts Exist for VPC Network Route Changes
  • GCP > CIS v4.0 > 2 - Logging and Monitoring > 2.09 - Ensure That the Log Metric Filter and Alerts Exist for VPC Network Changes
  • GCP > CIS v4.0 > 2 - Logging and Monitoring > 2.10 - Ensure That the Log Metric Filter and Alerts Exist for Cloud Storage IAM Permission Changes
  • GCP > CIS v4.0 > 2 - Logging and Monitoring > 2.11 - Ensure That the Log Metric Filter and Alerts Exist for SQL Instance Configuration Changes
  • GCP > CIS v4.0 > 2 - Logging and Monitoring > 2.13 - Ensure Cloud Asset Inventory Is Enabled
  • GCP > CIS v4.0 > 2 - Logging and Monitoring > 2.14 - Ensure 'Access Transparency' is 'Enabled'
  • GCP > CIS v4.0 > 2 - Logging and Monitoring > 2.15 - Ensure 'Access Approval' is 'Enabled'
  • GCP > CIS v4.0 > 3 - Networking > 3.02 - Ensure Legacy Networks Do Not Exist for Older Projects
  • GCP > Cloud Run > Discovery
  • GCP > Composer > Discovery
  • GCP > Compute Engine > Discovery
  • GCP > Compute Engine > Health Check > Discovery
  • GCP > Compute Engine > Health Check > Usage
  • GCP > Compute Engine > HTTP Health Check > Discovery
  • GCP > Compute Engine > HTTP Health Check > Usage
  • GCP > Compute Engine > HTTPS Health Check > Discovery
  • GCP > Compute Engine > HTTPS Health Check > Usage
  • GCP > Compute Engine > Image > Discovery
  • GCP > Compute Engine > Image > Usage
  • GCP > Compute Engine > Instance Template > Discovery
  • GCP > Compute Engine > Instance Template > Usage
  • GCP > Compute Engine > Project > Discovery
  • GCP > Compute Engine > Region Health Check > Usage
  • GCP > Compute Engine > Snapshot > Discovery
  • GCP > Compute Engine > Snapshot > Usage
  • GCP > Data Catalog > Discovery
  • GCP > Dataflow > Discovery
  • GCP > Dataflow > Job > Usage
  • GCP > Datapipeline > Discovery
  • GCP > Dataplex > Discovery
  • GCP > Dataproc > Discovery
  • GCP > DNS > Discovery
  • GCP > DNS > Managed Zone > Discovery
  • GCP > DNS > Managed Zone > Usage
  • GCP > DNS > Policy > Discovery
  • GCP > DNS > Policy > Usage
  • GCP > Firebase > Android App > Usage
  • GCP > Firebase > Discovery
  • GCP > Firebase > Firebase Project > Discovery
  • GCP > Firebase > iOS App > Usage
  • GCP > Firebase > Web App > Usage
  • GCP > Functions > Discovery
  • GCP > Global Region > Discovery
  • GCP > IAM > API Key > Discovery
  • GCP > IAM > API Key > Usage
  • GCP > IAM > Discovery
  • GCP > IAM > Project Role > Discovery
  • GCP > IAM > Project User > Discovery
  • GCP > IAM > Service Account > Discovery
  • GCP > IAM > Service Account > Usage
  • GCP > KMS > Discovery
  • GCP > Kubernetes Engine > Discovery
  • GCP > Logging > Discovery
  • GCP > Logging > Exclusion > Discovery
  • GCP > Logging > Exclusion > Usage
  • GCP > Logging > Metric > Discovery
  • GCP > Logging > Metric > Usage
  • GCP > Logging > Sink > Discovery
  • GCP > Logging > Sink > Usage
  • GCP > Memorystore > Discovery
  • GCP > Model Armor > Discovery
  • GCP > Model Armor > Floor Setting > Discovery
  • GCP > Monitoring > Alert Policy > Discovery
  • GCP > Monitoring > Alert Policy > Usage
  • GCP > Monitoring > Discovery
  • GCP > Monitoring > Group > Discovery
  • GCP > Monitoring > Group > Usage
  • GCP > Monitoring > Notification Channel > Discovery
  • GCP > Monitoring > Notification Channel > Usage
  • GCP > Multi-Region > Discovery
  • GCP > Network > Backend Bucket > Discovery
  • GCP > Network > Backend Bucket > Usage
  • GCP > Network > Backend Service > Discovery
  • GCP > Network > Backend Service > Usage
  • GCP > Network > Discovery
  • GCP > Network > Firewall > Discovery
  • GCP > Network > Firewall > Usage
  • GCP > Network > Forwarding Rule > Usage
  • GCP > Network > Global Address > Discovery
  • GCP > Network > Global Address > Usage
  • GCP > Network > Global Forwarding Rule > Discovery
  • GCP > Network > Global Forwarding Rule > Usage
  • GCP > Network > Interconnect > Discovery
  • GCP > Network > Interconnect > Usage
  • GCP > Network > Network > Discovery
  • GCP > Network > Network > Usage
  • GCP > Network > Packet Mirroring > Usage
  • GCP > Network > Region Backend Service > Usage
  • GCP > Network > Region URL Map > Usage
  • GCP > Network > Route > Discovery
  • GCP > Network > SSL Certificate > Discovery
  • GCP > Network > SSL Certificate > Usage
  • GCP > Network > SSL Policy > Discovery
  • GCP > Network > SSL Policy > Usage
  • GCP > Network > Target HTTPS Proxy > Discovery
  • GCP > Network > Target HTTPS Proxy > Usage
  • GCP > Network > Target Pool > Usage
  • GCP > Network > Target SSL Proxy > Discovery
  • GCP > Network > Target SSL Proxy > Usage
  • GCP > Network > Target TCP Proxy > Discovery
  • GCP > Network > Target TCP Proxy > Usage
  • GCP > Network > URL Map > Discovery
  • GCP > Network > URL Map > Usage
  • GCP > Notebooks > Discovery
  • GCP > Project > Policy > Discovery
  • GCP > Pub/Sub > Discovery
  • GCP > Pub/Sub > Snapshot > Discovery
  • GCP > Pub/Sub > Snapshot > Usage
  • GCP > Pub/Sub > Topic > Discovery
  • GCP > Pub/Sub > Topic > Usage
  • GCP > Region > Discovery
  • GCP > Scheduler > Discovery
  • GCP > Scheduler > Job > Usage
  • GCP > Secret Manager > Discovery
  • GCP > Secret Manager > Secret > Discovery
  • GCP > Spanner > Discovery
  • GCP > SQL > Database > Usage
  • GCP > SQL > Discovery
  • GCP > SQL > Instance > Usage
  • GCP > Storage > Discovery
  • GCP > Turbot > Event Handlers > Logging
  • GCP > Turbot > Event Handlers > Pub/Sub
  • GCP > Turbot > Event Poller
  • GCP > Turbot > IAM
  • GCP > Vertex AI > Discovery
  • GCP > Vertex AI > Publisher Model > Discovery
  • ServiceNow > Turbot > Watches > GCP

Quick Actions

  • Project Event Handler
  • Project Raw Event Handler
  • Router
  • Service API Router
  • Set Labels

Category

  • Cloud > Account

In Your Workspace

  • Controls by Resource Type report
  • Policy Settings by Resource Type report
  • Resources by Resource Type report

Developers

    Resource Type URI
    • tmod:@turbot/gcp#/resource/types/project
    • Category URI
    • tmod:@turbot/turbot#/resource/categories/cloudAccount
    • GraphQL
    • query resource(id: "tmod:@turbot/gcp#/resource/types/project") { … }
    • query resourceActivities(filter: "resourceId:'tmod:@turbot/gcp#/resource/types/project'") { … }
    • mutation createResource(input: { … })
    • mutation updateResource(input: { … })
    • CLI
    • Get Resource
    • turbot graphql resource --id "tmod:@turbot/gcp#/resource/types/project"
    • Steampipe Query
    • Get Resource
    • select * from guardrails_resource where resource_type_uri = 'tmod:@turbot/gcp#/resource/types/project';
      • Get Policy Settings (By Resource ID)
    • select * from guardrails_policy_setting where filter = 'resourceTypeId:"tmod:@turbot/gcp#/resource/types/project"';
      • Get Resource Notification
    • select * from guardrails_notification where resource_type_uri = 'tmod:@turbot/gcp#/resource/types/project' and notification_type in ('resource_updated', 'resource_created');
Guardrails
Guardrails Hub
  • Hub
  • Docs
  • Blog
  • Changelog
Products
  • GuardrailsGuardrails
  • PipesPipes
  • SteampipeSteampipe
  • PowerpipePowerpipe
  • FlowpipeFlowpipe
  • TailpipeTailpipe
Turbot
  • Home
  • About us
  • We're hiring!
  • Contact us
Community

Our community of practitioners love to discuss cloud governance & security.

Slack logoJoin us on Slack →

System StatusLegalSecurity
Terms of UseSecurityPrivacy
40
Mods
151
Resource Types
2,578
Policies
1,253
Controls
118
Quick Actions
89
IAM