CodeAnt AI home pagelight logodark logo
  • Dashboard
  • Dashboard
  • Documentation
  • Demo Call with CEO
  • Blog
  • Slack
  • Get Started
    • CodeAnt AI
    • Setup
    • Control Center
    • Pull Request Review
    • IDE
    • Compliance
    • Anti-Patterns
    • Code Governance
    • Infrastructure Security Database
    • Application Security Database
      • Apex
      • Bash
      • C
      • Clojure
      • Cpp
      • Csharp
      • Dockerfile
      • Elixir
      • Fingerprints
      • Generic
      • Go
      • Html
      • Java
      • Javascript
      • Json
      • Kotlin
      • Ocaml
      • Php
      • Problem-based-packs
      • Python
      • Ruby
      • Rust
      • Scala
      • Solidity
      • Swift
      • Terraform
        • Aws
        • Azure
        • Gcp
          • Best practice
          • Security
        • Lang
      • Typescript
      • Yaml
    Gcp

    Best practice

    Ensure ‘Automatic node repair’ is enabled for Kubernetes Clusters

    Ensure PostgreSQL database ‘log_lock_waits’ flag is set to ‘on’

    Ensure MySQL database ‘local_infile’ flag is set to ‘off’

    Ensure Container-Optimized OS (cos) is used for Kubernetes Engine Clusters Node image

    Ensure Compute instances are launched with Shielded VM enabled

    Ensure Kubernetes Cluster is created with Alias IP ranges enabled

    Ensure Cloud storage has versioning enabled

    Ensure Compute instances are launched with Shielded VM enabled

    Ensure PostgreSQL database ‘log_disconnections’ flag is set to ‘on’

    Ensure Shielded GKE Nodes are Enabled

    Ensure the GKE Metadata Server is Enabled

    Ensure PostgreSQL database ‘log_min_messages’ flag is set to a valid value

    Ensure PostgreSQL database ‘log_temp_files’ flag is set to ‘0’

    Ensure PostgreSQL database ‘log_checkpoints’ flag is set to ‘on’

    Ensure all Cloud SQL database instance have backup configuration enabled

    Ensure use of Binary Authorization

    Ensure PostgreSQL database ‘log_connections’ flag is set to ‘on’

    Ensure PostgreSQL database ‘log_min_duration_statement’ flag is set to ‘-1’

    Ensure that RSASHA1 is not used for the zone-signing and key-signing keys in Cloud DNS DNSSEC

    Ensure the GKE Metadata Server is Enabled

    Ensure ‘Automatic node upgrade’ is enabled for Kubernetes Clusters

    Ensure that Private google access is enabled for IPV6

    Ensure Secure Boot for Shielded GKE Nodes is Enabled

    Ensure Kubernetes Clusters are configured with Labels

    StorageSecurity
    twitterlinkedin
    Powered by Mintlify