gcp_compliance

GCP Compliance

It is recommended that the IAM policy on Cloud KMS cryptokeys should restrict anonymous and/or public access.

kms_key_not_publicly_accessible

hipaa_164_308_a_3_i

164.308(a)(3)(i) Workforce security

hipaa_164_308_a_3_ii

164.308(a)(3)(ii) Implementation specifications

hipaa_164_312_a_1

164.312(a)(1) Access control.

nist_800_53_rev_5_ac_3

Account Management (AC-3)

soc_2_2017_cc_5_2_3

CC5.2.3

soc_2_2017_cc_6_1_3

CC6.1.3

soc_2_2017_cc_6_1_7

CC6.1.7

all_controls_kms

nist_800_53_rev_5_ac_6

Least Privilege (AC-6)

nist_800_53_rev_5_mp_2

Media Access (MP-2)

nist_csf_v10_pr_ac_4

PR.AC-4

nist_800_53_rev_5_ac_5

Separation Of Duties (AC-5)

Ensure that Cloud KMS cryptokeys are not anonymously or publicly accessible

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, Forseti Security and CFT Scorecard across all your GCP projects using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-gcp-compliance

Control: Ensure that Cloud KMS cryptokeys are not anonymously or publicly accessible

Description

Usage

SQL

Tags