turbot/gcp_compliance

Query: kubernetes_cluster_subnetwork_private_ip_google_access_enabled

Usage

powerpipe query gcp_compliance.query.kubernetes_cluster_subnetwork_private_ip_google_access_enabled

SQL

select
c.self_link resource,
case
when s.private_ip_google_access then 'ok'
else 'alarm'
end as status,
case
when s.private_ip_google_access then c.title || ' private Google Access is enabled.'
else c.title || ' private Google Access is disabled.'
end as reason
, c.location as location, c.project as project
from
gcp_kubernetes_cluster as c
left join gcp_compute_subnetwork as s on concat('projects' , split_part(s.self_link , '/projects' ,2)) = c.network_config ->> 'Subnetwork';

Controls

The query is being used by the following controls: