instance-group-1-ptb0
Overview
Critical
0High
3Medium
3Low
0Informational
0Security issues (6)
| Severity | Non-Compliance | Issue | Remediation | Read more | Action |
|---|---|---|---|---|---|
| Medium | CIS 4.5 | VM instance has serial port access enabled. | Due to security and compliance regulations, ensure the serial port access is disabled for all your VM instances. | More info | |
| High | CIS 4.3 | VM instance does not block project-wide SSH keys. | To maintain the principle of least privilege and prevent potential privilege escalation, ensure VM instances are not configured to allow project-wide SSH keys and use instance-level SSH keys instead. | More info | |
| High | — | VM instance maintenance behavior is not set to "Migrate". | To prevent your production applications from experiencing disruptions during maintenance events, ensure VM instances have "On Host Maintenance" configuration set to "Migrate". | More info | |
| High | — | VM instance is preemptible. | To prevent your instances from being terminated in case Compute Engine requires using their resources for other tasks, ensure VM instances are not preemptible. | More info | |
| Medium | CIS 4.6 PCI DSS 4.2.1 | VM instance has IP forwarding enabled. | For security and compliance reasons, as instances with IP Forwarding enabled act as routers/packet forwarders, delete the VM instances with IP forwarding enabled and redeploy them with IP forwarding disabled. | More info | |
| Medium | CIS 4.8 | VM instance has Shielded VM security feature disabled. | For protection against rootkits and bootkits, ensure that your VM instances are configured to use Shielded VM security feature. | More info |