Azure and GCP Perimeter Security, CIS Updates, and Enhanced Plugins →
Powerpipe Hub 
Hub
Mods
turbot/steampipe-mod-gcp-compliance
Overview
14Dashboards
621Benchmarks
202Queries
2Variables
GitHub

Control: Ensure compute firewall rule have logging enabled

Description

Firewall rules should have logging enabled. This control fails if logging is disabled for firewall rule.

Usage

Run the control in your terminal:

powerpipe control run gcp_compliance.control.compute_firewall_rule_logging_enabled

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run gcp_compliance.control.compute_firewall_rule_logging_enabled --share

SQL

This control uses a named query:

select
  self_link as resource,
  case
    when log_config_enable then 'ok'
    else 'alarm'
  end as status,
  case
    when log_config_enable then name || ' logging enabled.'
    else name || ' logging disabled.'
  end as reason
  , location as location, project as project
from
  gcp_compute_firewall;

Tags

category = Compliance
nist_csf_v2 = true
pci_dss_v321 = true
plugin = gcp
service = GCP/Compute