CodeAnt AI home pagelight logodark logo
  • Dashboard
  • Dashboard
  • Documentation
  • Demo Call with CEO
  • Blog
  • Slack
    • Get Started
    • CodeAnt AI
    • Setup
    • Control Center
    • Pull Request Review
    • IDE
    • Compliance
    • Anti-Patterns
    • Code Governance
    • Infrastructure Security Database
    • Application Security Database
      • Apex
      • Bash
      • C
      • Clojure
      • Cpp
      • Csharp
      • Dockerfile
      • Elixir
      • Fingerprints
      • Generic
      • Go
      • Html
      • Java
      • Javascript
      • Json
      • Kotlin
      • Ocaml
      • Php
      • Problem-based-packs
      • Python
      • Ruby
      • Rust
      • Scala
      • Solidity
      • Swift
      • Terraform
        • Aws
        • Azure
        • Gcp
          • Best practice
          • Security
        • Lang
      • Typescript
      • Yaml
    Gcp

    Best practice

    gcp-gke-nodepool-auto-repair-enabled

    Ensure ‘Automatic node repair’ is enabled for Kubernetes Clusters

    gcp-postgresql-log-lock-waits

    Ensure PostgreSQL database ‘log_lock_waits’ flag is set to ‘on’

    gcp-mysql-local-in-file-off

    Ensure MySQL database ‘local_infile’ flag is set to ‘off’

    gcp-gke-use-cos-image

    Ensure Container-Optimized OS (cos) is used for Kubernetes Engine Clusters Node image

    gcp-compute-template-shielded-vm

    Ensure Compute instances are launched with Shielded VM enabled

    gcp-gke-alias-ip-enabled

    Ensure Kubernetes Cluster is created with Alias IP ranges enabled

    gcp-storage-versioning-enabled

    Ensure Cloud storage has versioning enabled

    gcp-compute-shielded-vm

    Ensure Compute instances are launched with Shielded VM enabled

    gcp-postgresql-log-disconnection

    Ensure PostgreSQL database ‘log_disconnections’ flag is set to ‘on’

    gcp-gke-enable-shielded-nodes

    Ensure Shielded GKE Nodes are Enabled

    gcp-gke-nodepool-metadata-server-enabled

    Ensure the GKE Metadata Server is Enabled

    gcp-postgresql-log-min-message

    Ensure PostgreSQL database ‘log_min_messages’ flag is set to a valid value

    gcp-postgresql-log-temp

    Ensure PostgreSQL database ‘log_temp_files’ flag is set to ‘0’

    gcp-postgresql-log-checkpoints

    Ensure PostgreSQL database ‘log_checkpoints’ flag is set to ‘on’

    gcp-gke-sql-backup-configuration-enabled

    Ensure all Cloud SQL database instance have backup configuration enabled

    gcp-gke-binary-authorization

    Ensure use of Binary Authorization

    gcp-postgresql-log-connection

    Ensure PostgreSQL database ‘log_connections’ flag is set to ‘on’

    gcp-postgresql-log-min-duration

    Ensure PostgreSQL database ‘log_min_duration_statement’ flag is set to ‘-1’

    gcp-dnssec-enabled

    Ensure that RSASHA1 is not used for the zone-signing and key-signing keys in Cloud DNS DNSSEC

    gcp-gke-metadata-server-enabled

    Ensure the GKE Metadata Server is Enabled

    gcp-gke-nodepool-auto-upgrade-enabled

    Ensure ‘Automatic node upgrade’ is enabled for Kubernetes Clusters

    gcp-ipv6-private-google-enabled

    Ensure that Private google access is enabled for IPV6

    gcp-gke-nodepool-secure-boot-for-shielded-nodes

    Ensure Secure Boot for Shielded GKE Nodes is Enabled

    gcp-gke-has-labels

    Ensure Kubernetes Clusters are configured with Labels
    StorageSecurity
    twitterlinkedin
    Powered by Mintlify
    Assistant
    Responses are generated using AI and may contain mistakes.