gke-cluster-1-default-pool-fc104738-dlsn

Region: us-central1
Overview
Critical
0
High
3
Medium
0
Low
2
Informational
0
Security issues (5)
Severity Non-Compliance Issue Remediation Read more Action
High CIS 4.3 VM instance does not block project-wide SSH keys. To maintain the principle of least privilege and prevent potential privilege escalation, ensure VM instances are not configured to allow project-wide SSH keys and use instance-level SSH keys instead. More info
High PCI DSS 4.2.1 VM instance has no Two-Factor Authentication (2FA) enabled for OS Login. To fulfill PCI compliance requirements for additional security features for any required service, ensure that VM instances have OS login feature enabled and configured with 2FA. More info
Low VM instance has no deletion protection. To prevent accidental VM deletion, ensure that VM instances have deletion protection enabled. More info
Low VM instance has Auto-Delete behavior rule enabled for the persistent disk: persistent-disk-0. To protect the VM data from being deleted when the associated VM instance is deleted and to meet security and compliance requirements, that Auto-Delete is disabled for all persistent disks associated with your VM instances. More info
High PCI DSS 3.5 HIPAA (Encryption) VM instance has no persistent disks encrypted with Customer-Managed Keys (CMKs). To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, ensure that the persistent disks attached to your VM instances are encrypted with CMKs. More info