Policy Settings
The Enforce GCP VPC Network Firewall Rules with Port Ranges to Block Incoming Traffic policy pack has 2 policy settings:
Policy | Setting | Note |
---|---|---|
GCP > Network > Firewall > Ingress Rules > Approved | Check: Approved | |
GCP > Network > Firewall > Ingress Rules > Approved > Rules | # Reject ports 21(FTP), 22(SSH), 25(SMTP), 80(HTTP), 443(HTTPS), 3389(RDP)<br>REJECT $.turbot.ports.+:21,22,25,80,443,3389 $.turbot.cidr:0.0.0.0/0,::/0<br><br># Reject if IP protocol is all<br>REJECT $.turbot.protocol:all $.turbot.cidr:0.0.0.0/0,::/0<br><br># Reject port range sizes greater than 1<br>REJECT $.turbot.portRangeSize:>1<br><br># Approve unmatched rules<br>APPROVE * |
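
To see which ingress rules the list above would flag, the following added example (not Turbot's evaluator and not part of the policy pack) models the four rules in Python over constructed firewall rules. It assumes that the first matching rule decides, that `ports.+` matches when any listed port falls inside the rule's range, that CIDRs are compared exactly, and that an `allowed` entry without `ports` covers all ports; `sourceRanges`, `allowed` and `IPProtocol` are the Compute API field names.

```python
# Added example: a simplified model of the rule list above, not Turbot's evaluator.
BLOCKED_PORTS = {21, 22, 25, 80, 443, 3389}
ANY_SOURCE = {"0.0.0.0/0", "::/0"}

def port_ranges(entry):
    """Yield (low, high) per port spec; assumption: no 'ports' key means all ports."""
    for spec in entry.get("ports") or ["0-65535"]:
        low, _, high = spec.partition("-")
        yield int(low), int(high or low)

def evaluate(cidr, protocol, low, high):
    """Apply the four rules in order; the first one that matches decides."""
    from_anywhere = cidr in ANY_SOURCE  # assumption: exact CIDR match only
    if from_anywhere and any(low <= p <= high for p in BLOCKED_PORTS):
        return "REJECT", "blocked port from any source"
    # In this model a portless "all" entry already trips the rule above.
    if from_anywhere and protocol == "all":
        return "REJECT", "all protocols from any source"
    if high - low + 1 > 1:
        return "REJECT", "port range size > 1"
    return "APPROVE", "unmatched"

def check(rule):
    """Return one (cidr, protocol, ports, verdict, reason) row per combination."""
    rows = []
    for cidr in rule.get("sourceRanges", []):
        for entry in rule.get("allowed", []):
            for low, high in port_ranges(entry):
                verdict, reason = evaluate(cidr, entry["IPProtocol"], low, high)
                rows.append((cidr, entry["IPProtocol"], f"{low}-{high}", verdict, reason))
    return rows

# Constructed sample rules (not taken from any real project).
SAMPLES = [
    {"name": "ssh-world", "sourceRanges": ["0.0.0.0/0"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]},
    {"name": "app-world", "sourceRanges": ["0.0.0.0/0"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["8080"]}]},
    {"name": "internal-range", "sourceRanges": ["10.0.0.0/8"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["8000-8010", "9000"]}]},
    {"name": "ftp-to-smtp", "sourceRanges": ["::/0"],
     "allowed": [{"IPProtocol": "tcp", "ports": ["20-25"]}]},
]

if __name__ == "__main__":
    for rule in SAMPLES:
        for row in check(rule):
            print(rule["name"], *row)
```

Under these rules a single unlisted port such as 8080 open to `0.0.0.0/0` is approved, while a multi-port range is rejected even from an internal source.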