turbot/steampipe-mod-gcp-compliance

Control: Ensure essential contacts is configured for Organization

Description

It is recommended that Essential Contacts is configured to designate email addresses for Google Cloud services to notify of important technical or security information.

Usage

Run the control in your terminal:

powerpipe control run gcp_compliance.control.organization_essential_contacts_configured

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run gcp_compliance.control.organization_essential_contacts_configured --share

SQL

This control uses a named query:

-- "Essential Contacts API" should be Enabled and requires "Essential Contacts Viewer" at Organization level.
with categories as (
  select
    name,
    title,
    _ctx,
    organization_id,
    notificationtype
  from
    gcp_organization,
    jsonb_array_elements(essential_contacts) as ec,
    jsonb_array_elements_text(ec -> 'notificationCategorySubscriptions') as notificationtype
)
select
  name resource,
  case
    when jsonb_array_length('["LEGAL", "SECURITY", "SUSPENSION", "TECHNICAL", "TECHNICAL_INCIDENTS"]'::jsonb - array_agg(notificationtype)) = 0 then 'ok'
    when to_jsonb(array_agg(notificationtype)) @> '["ALL"]'::jsonb then 'ok'
    else 'alarm'
  end as status,
  case
    when jsonb_array_length('["LEGAL", "SECURITY", "SUSPENSION", "TECHNICAL", "TECHNICAL_INCIDENTS"]'::jsonb - array_agg(notificationtype)) = 0
      then title || ' essential contacts are configured.'
    when to_jsonb(array_agg(notificationtype)) @> '["ALL"]'::jsonb
      then title || ' essential contacts are configured.'
    else title || ' essential contacts are not configured.'
  end as reason,
  organization_id
from
  categories
group by
  name,
  title,
  _ctx,
  organization_id;
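
The same category check as an added example (not the mod's own query), written for plain PostgreSQL over constructed rows that stand in for gcp_organization; the sample organizations, email addresses and the missing_categories column are assumptions. It uses left join lateral so that an organization with an empty contact list still returns an alarm row, where the comma joins above return no row for it, and it lists the required categories that have no subscriber.

```sql
-- Constructed sample rows standing in for gcp_organization (not real data).
with org(name, title, essential_contacts) as (
  values
    ('organizations/111', 'covered-org',
     '[{"email": "sec@example.com", "notificationCategorySubscriptions": ["SECURITY", "TECHNICAL"]},
       {"email": "ops@example.com", "notificationCategorySubscriptions": ["LEGAL", "SUSPENSION", "TECHNICAL_INCIDENTS"]}]'::jsonb),
    ('organizations/222', 'all-org',
     '[{"email": "admin@example.com", "notificationCategorySubscriptions": ["ALL"]}]'::jsonb),
    ('organizations/333', 'partial-org',
     '[{"email": "sec@example.com", "notificationCategorySubscriptions": ["SECURITY"]}]'::jsonb),
    ('organizations/444', 'empty-org', '[]'::jsonb)
),
subscribed as (
  select
    o.name,
    o.title,
    -- The filter drops the null that the left join yields when nothing is subscribed.
    coalesce(array_agg(distinct cat) filter (where cat is not null), '{}') as categories
  from
    org as o
    left join lateral jsonb_array_elements(o.essential_contacts) as ec on true
    left join lateral jsonb_array_elements_text(ec -> 'notificationCategorySubscriptions') as cat on true
  group by
    o.name,
    o.title
)
select
  name as resource,
  title,
  case
    when 'ALL' = any(categories) then 'ok'
    when categories @> array['LEGAL', 'SECURITY', 'SUSPENSION', 'TECHNICAL', 'TECHNICAL_INCIDENTS'] then 'ok'
    else 'alarm'
  end as status,
  -- Required categories with no subscriber; empty when a contact subscribes to ALL.
  case
    when 'ALL' = any(categories) then '[]'::jsonb
    else '["LEGAL", "SECURITY", "SUSPENSION", "TECHNICAL", "TECHNICAL_INCIDENTS"]'::jsonb - categories
  end as missing_categories
from
  subscribed
order by
  name;
```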

Tags