gke-cluster-1-default-pool-fc104738-2sxd
Region: us-central1
Overview
Critical
0High
2Medium
0Low
2Informational
0Security issues (4)
Severity | Non-Compliance | Issue | Remediation | Read more | Action |
---|---|---|---|---|---|
High | PCI DSS 4.2.1 | VM instance has no Two-Factor Authentication (2FA) enabled for OS Login. | To fulfill PCI compliance requirements for additional security features for any required service, ensure that VM instances have OS login feature enabled and configured with 2FA. | More info | |
Low | — | VM instance has no deletion protection. | To prevent accidental VM deletion, ensure that VM instances have deletion protection enabled. | More info | |
Low | — | VM instance has Auto-Delete behavior rule enabled for the persistent disk: persistent-disk-0. | To protect the VM data from being deleted when the associated VM instance is deleted and to meet security and compliance requirements, that Auto-Delete is disabled for all persistent disks associated with your VM instances. | More info | |
High | PCI DSS 3.5 HIPAA (Encryption) | VM instance has no persistent disks encrypted with Customer-Managed Keys (CMKs). | To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, ensure that the persistent disks attached to your VM instances are encrypted with CMKs. | More info |