turbot/gcp_compliance

Query: compute_firewall_allow_connections_proxied_by_iap

Usage

powerpipe query gcp_compliance.query.compute_firewall_allow_connections_proxied_by_iap

Steampipe Tables

SQL

select
self_link resource,
case
when allowed @> '[{"IPProtocol":"tcp","ports":["80"]}]' and source_ranges ?& array['130.211.0.0/22', '35.191.0.0/16'] then 'ok'
else 'alarm'
end as status,
case
when allowed @> '[{"IPProtocol":"tcp","ports":["80"]}]' and source_ranges ?& array['130.211.0.0/22', '35.191.0.0/16']
then title || ' only allows traffic proxied by IAP.'
else title || ' not configured to only allow connections proxied by IAP.'
end as reason
, location as location, project as project
from
gcp_compute_firewall;

Controls

The query is being used by the following controls: