
I've been looking for a few checks to make sure that our company's Google Cloud is configured properly. Below are the few cases I want to check via some APIs programmatically. I would like to know which APIs can be used to achieve this.

  1. Need to check if Cloud SQL auditing is enabled.
  2. As in the networking section, again you should not allow ingress to your databases from the global internet. Do not allow 0.0.0.0 or /0 when creating authorized networks for your databases. Similarly, MySQL should not allow root users to connect from 0.0.0.0.
  3. Use Cloud audit logs to regularly audit changes to your IAM policy.
  4. Ensure VPC flow logging is enabled in all VPCs.
  5. Ensure no security group allows ingress from 0.0.0.0/0 to port 22.
  6. Get a list of services for which data access logs are enabled.

Also, it would be great if there is a well-known list of security practices for Gcloud like CIS (available for AWS and Azure).

Rajat Paliwal
  • Can you link to the best security practices for AWS and Azure? – ScottMcC Jul 03 '18 at 02:10
  • Here is the link (https://www.cisecurity.org/cis-benchmarks/). I need help to figure out similar Google cloud APIs. – Rajat Paliwal Jul 03 '18 at 11:32
  • Well, I am not sure about the CIS benchmarks, but if you want to audit your Google Cloud, you can use this open-source tool: https://github.com/nccgroup/G-Scout. Hope it helps! – Shivankar Aug 22 '18 at 08:41

1 Answer

You can use Cloud Audit Logging for checking Admin Activity, System Event and Data Access of any GCP component.

As for the configuration specifics, you can check if the component's API can be helpful. e.g.:

Test with the API Explorer to see all methods in action.

alp
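As an added example (not part of the original answer or of any Google tooling), the sketch below evaluates checks 2, 4, 5 and 6 from the question against resource JSON in the shape returned by the Cloud SQL Admin API (`instances.list`), the Compute Engine API (`firewalls.list`, `subnetworks.list`) and Resource Manager (`projects.getIamPolicy`). The function names are hypothetical and the sample resources are constructed; fetching the JSON with authenticated API calls is assumed to happen elsewhere.

```python
def is_world(cidr):
    return cidr.endswith("/0")  # matches 0.0.0.0/0 and ::/0

def sql_open_networks(instance):
    """Authorized-network entries on a Cloud SQL instance that admit any address."""
    ipcfg = instance.get("settings", {}).get("ipConfiguration", {})
    return [n["value"] for n in ipcfg.get("authorizedNetworks", []) if is_world(n["value"])]

def port_in(spec, port):  # firewall port specs are strings: "22" or a range "20-25"
    lo, _, hi = spec.partition("-")
    return int(lo) <= port <= int(hi or lo)

def firewall_exposes(rule, port=22):
    """True if an enabled ingress rule allows TCP `port` from any address."""
    if rule.get("disabled") or rule.get("direction", "INGRESS") != "INGRESS":
        return False
    if not any(is_world(r) for r in rule.get("sourceRanges", [])):
        return False
    for allow in rule.get("allowed", []):
        if str(allow.get("IPProtocol", "")).lower() in ("tcp", "6", "all"):
            ports = allow.get("ports")  # an absent list means every port
            if not ports or any(port_in(p, port) for p in ports):
                return True
    return False

def subnets_without_flow_logs(subnets):
    return [s["name"] for s in subnets if not s.get("enableFlowLogs")]

def data_access_services(policy):
    """Map each service in the IAM policy's auditConfigs to its enabled log types."""
    out = {}
    for cfg in policy.get("auditConfigs", []):
        types = sorted(c["logType"] for c in cfg.get("auditLogConfigs", []))
        if types:
            out[cfg["service"]] = types
    return out

# Constructed sample resources (not real project data).
SAMPLE_INSTANCE = {"name": "db-1", "settings": {"ipConfiguration": {"authorizedNetworks": [
    {"name": "office", "value": "203.0.113.0/24"}, {"name": "any", "value": "0.0.0.0/0"}]}}}
SAMPLE_RULES = [
    {"name": "ssh-range", "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp", "ports": ["20-25"]}]},
    {"name": "web", "sourceRanges": ["0.0.0.0/0"], "allowed": [{"IPProtocol": "tcp", "ports": ["443"]}]}]
SAMPLE_SUBNETS = [{"name": "a", "enableFlowLogs": True}, {"name": "b"}]
SAMPLE_POLICY = {"auditConfigs": [{"service": "storage.googleapis.com", "auditLogConfigs": [
    {"logType": "DATA_WRITE"}, {"logType": "ADMIN_READ"}]}]}

if __name__ == "__main__":
    print(sql_open_networks(SAMPLE_INSTANCE), [r["name"] for r in SAMPLE_RULES if firewall_exposes(r)],
          subnets_without_flow_logs(SAMPLE_SUBNETS), data_access_services(SAMPLE_POLICY))
```

The port check treats a range such as `20-25` as exposing port 22, and a rule with no `ports` list as exposing every port, which a plain string comparison against `"22"` would miss.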