Control: Cloud Run services should not be publicly accessible
Description
This control checks whether Cloud Run services have public access enabled.
Usage
Run the control in your terminal:
powerpipe control run gcp_perimeter.control.cloud_run_not_publicly_accessibleSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run gcp_perimeter.control.cloud_run_not_publicly_accessible --shareSteampipe Tables
SQL
select name as resource, case when ingress = 'INGRESS_TRAFFIC_ALL' then 'alarm' else 'ok' end as status, case when ingress = 'INGRESS_TRAFFIC_ALL' then title || ' publicly accessible.' else title || ' not publicly accessible.' end as reason , location, projectfrom gcp_cloud_run_service;