Control: Ensure that RSASHA1 is not used for zone-signing key in Cloud DNS
Usage
Run the control in your terminal:
powerpipe control run terraform_gcp_compliance.control.dnssec_prevent_rsasha1_zsk
Snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run terraform_gcp_compliance.control.dnssec_prevent_rsasha1_zsk --share
SQL
This control uses a named query:
dns_managed_zone_zone_signing_not_using_rsasha1