CodeAnt AI home pagelight logodark logo
  • Support
  • Dashboard
  • Dashboard
  • Join Community
Start Here
  • What is CodeAnt?
Setup
  • Github
  • Bitbucket
  • Gitlab
  • Azure Devops
Pull Request Review
  • Features
  • Customize Review
  • Quality Gates
  • Integrations
Scan center
  • Code Security
  • Code Quality
  • Cloud Security
  • Engineering Productivity
Integrations
  • Jira
  • Test Coverage
  • CI/CD
IDE
  • Setup
  • Review
  • Enhancements
Rule Reference
  • Compliance
  • Anti-Patterns
  • Code Governance
  • Infrastructure Security Database
  • Application Security Database
    • Apex
    • Bash
    • C
    • Clojure
    • Cpp
    • Csharp
    • Dockerfile
    • Elixir
    • Fingerprints
    • Generic
    • Go
    • Html
    • Java
    • Javascript
    • Json
    • Kotlin
    • Ocaml
    • Php
    • Problem-based-packs
    • Python
    • Ruby
    • Rust
    • Scala
    • Solidity
    • Swift
    • Terraform
      • Aws
      • Azure
      • Gcp
        • Best practice
        • Security
      • Lang
    • Typescript
    • Yaml
Resources
  • Open Source
  • Blogs
Gcp

Best practice

gcp-gke-nodepool-auto-repair-enabled

Ensure ‘Automatic node repair’ is enabled for Kubernetes Clusters

gcp-postgresql-log-lock-waits

Ensure PostgreSQL database ‘log_lock_waits’ flag is set to ‘on’

gcp-mysql-local-in-file-off

Ensure MySQL database ‘local_infile’ flag is set to ‘off’

gcp-gke-use-cos-image

Ensure Container-Optimized OS (cos) is used for Kubernetes Engine Clusters Node image

gcp-compute-template-shielded-vm

Ensure Compute instances are launched with Shielded VM enabled

gcp-gke-alias-ip-enabled

Ensure Kubernetes Cluster is created with Alias IP ranges enabled

gcp-storage-versioning-enabled

Ensure Cloud storage has versioning enabled

gcp-compute-shielded-vm

Ensure Compute instances are launched with Shielded VM enabled

gcp-postgresql-log-disconnection

Ensure PostgreSQL database ‘log_disconnections’ flag is set to ‘on’

gcp-gke-enable-shielded-nodes

Ensure Shielded GKE Nodes are Enabled

gcp-gke-nodepool-metadata-server-enabled

Ensure the GKE Metadata Server is Enabled

gcp-postgresql-log-min-message

Ensure PostgreSQL database ‘log_min_messages’ flag is set to a valid value

gcp-postgresql-log-temp

Ensure PostgreSQL database ‘log_temp_files’ flag is set to ‘0’

gcp-postgresql-log-checkpoints

Ensure PostgreSQL database ‘log_checkpoints’ flag is set to ‘on’

gcp-gke-sql-backup-configuration-enabled

Ensure all Cloud SQL database instance have backup configuration enabled

gcp-gke-binary-authorization

Ensure use of Binary Authorization

gcp-postgresql-log-connection

Ensure PostgreSQL database ‘log_connections’ flag is set to ‘on’

gcp-postgresql-log-min-duration

Ensure PostgreSQL database ‘log_min_duration_statement’ flag is set to ‘-1’

gcp-dnssec-enabled

Ensure that RSASHA1 is not used for the zone-signing and key-signing keys in Cloud DNS DNSSEC

gcp-gke-metadata-server-enabled

Ensure the GKE Metadata Server is Enabled

gcp-gke-nodepool-auto-upgrade-enabled

Ensure ‘Automatic node upgrade’ is enabled for Kubernetes Clusters

gcp-ipv6-private-google-enabled

Ensure that Private google access is enabled for IPV6

gcp-gke-nodepool-secure-boot-for-shielded-nodes

Ensure Secure Boot for Shielded GKE Nodes is Enabled

gcp-gke-has-labels

Ensure Kubernetes Clusters are configured with Labels
StorageSecurity
twitterlinkedin
Powered by Mintlify
Assistant
Responses are generated using AI and may contain mistakes.