Project contains resources over the 90% limit: 'Static addresses' has 8 of 8 resources, 'Target HTTPS proxies' has 9 of 10 resources, 'Target HTTP proxies' has 10 of 10 resources, 'Firewalls' has 92 of 100 resources, 'In-use addresses' has 8 of 8 resources...
Request an increase of resource quotas via GCP support, to make sure the number of available resources is within the per-account limits.
To fulfill HIPAA and PCI DSS requirements on strong cryptographic and security protocols for transmitting user data, ensure that your load balancers are configured to use valid SSL/TLS certificates.
Kubernetes cluster has Container-Optimized OS disabled for node pool: node-pool2.
To bring up your Docker containers on Google Cloud Platform quickly, efficiently, and securely, use Container-Optimized OS for all Kubernetes cluster nodes.
No Customer-Managed Keys (CMK) encryption found for Kubernetes cluster node pools: node-pool4, node-pool3, default-pool.
To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, make sure your Kubernetes cluster node pools are encrypted using CMK.
For a more secure environment with only specified connections allowed between cluster pods, ensure all Kubernetes clusters have network policy enabled.
To maintain the principle of least privilege and prevent potential privilege escalation, ensure VM instances are not configured to allow project-wide SSH keys and use instance-level SSH keys instead.
VM instance has no Two-Factor Authentication (2FA) enabled for OS Login.
To fulfill PCI compliance requirements for additional security features for any required service, ensure that VM instances have the OS Login feature enabled and configured with 2FA.
VM instance has no persistent disks encrypted with Customer-Managed Keys (CMKs).
To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, ensure that the persistent disks attached to your VM instances are encrypted with CMKs.
To maintain the principle of least privilege and prevent potential privilege escalation, ensure VM instances are not configured to allow project-wide SSH keys and use instance-level SSH keys instead.
VM instance has no Two-Factor Authentication (2FA) enabled for OS Login.
To fulfill PCI compliance requirements for additional security features for any required service, ensure that VM instances have the OS Login feature enabled and configured with 2FA.
VM instance has no persistent disks encrypted with Customer-Managed Keys (CMKs).
To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, ensure that the persistent disks attached to your VM instances are encrypted with CMKs.
To maintain the principle of least privilege and prevent potential privilege escalation, ensure VM instances are not configured to allow project-wide SSH keys and use instance-level SSH keys instead.
VM instance maintenance behavior is not set to "Migrate".
To prevent your production applications from experiencing disruptions during maintenance events, ensure VM instances have "On Host Maintenance" configuration set to "Migrate".
To prevent your instances from being terminated in case Compute Engine requires using their resources for other tasks, ensure VM instances are not preemptible.
VM instance has no Two-Factor Authentication (2FA) enabled for OS Login.
To fulfill PCI compliance requirements for additional security features for any required service, ensure that VM instances have the OS Login feature enabled and configured with 2FA.
VM instance has no persistent disks encrypted with Customer-Managed Keys (CMKs).
To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, ensure that the persistent disks attached to your VM instances are encrypted with CMKs.
To maintain the principle of least privilege and prevent potential privilege escalation, ensure VM instances are not configured to allow project-wide SSH keys and use instance-level SSH keys instead.
VM instance has no Two-Factor Authentication (2FA) enabled for OS Login.
To fulfill PCI compliance requirements for additional security features for any required service, ensure that VM instances have the OS Login feature enabled and configured with 2FA.
VM instance has no persistent disks encrypted with Customer-Managed Keys (CMKs).
To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, ensure that the persistent disks attached to your VM instances are encrypted with CMKs.
To maintain the principle of least privilege and prevent potential privilege escalation, ensure VM instances are not configured to allow project-wide SSH keys and use instance-level SSH keys instead.
VM instance has no Two-Factor Authentication (2FA) enabled for OS Login.
To fulfill PCI compliance requirements for additional security features for any required service, ensure that VM instances have the OS Login feature enabled and configured with 2FA.
VM instance has no persistent disks encrypted with Customer-Managed Keys (CMKs).
To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, ensure that the persistent disks attached to your VM instances are encrypted with CMKs.
To maintain the principle of least privilege and prevent potential privilege escalation, ensure VM instances are not configured to allow project-wide SSH keys and use instance-level SSH keys instead.
VM instance has no Two-Factor Authentication (2FA) enabled for OS Login.
To fulfill PCI compliance requirements for additional security features for any required service, ensure that VM instances have the OS Login feature enabled and configured with 2FA.
VM instance has no persistent disks encrypted with Customer-Managed Keys (CMKs).
To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, ensure that the persistent disks attached to your VM instances are encrypted with CMKs.
VPC firewall rules allow unrestricted inbound/ingress access on TCP port 3389 (RDP).
To reduce the attack surface for the VM instances associated with the firewall rules, ensure that your VPC network firewall rules do not allow unrestricted access (i.e. 0.0.0.0/0) on TCP port 3389 (RDP).
VPC firewall rules allow unrestricted inbound/ingress access on TCP port 22 (SSH).
To reduce the attack surface for the VM instances associated with the firewall rules, ensure that your VPC network firewall rules do not allow unrestricted access (i.e. 0.0.0.0/0) on TCP port 22 (SSH).
VPC firewall rules allow unrestricted inbound/ingress access on TCP port 22 (SSH).
To reduce the attack surface for the VM instances associated with the firewall rules, ensure that your VPC network firewall rules do not allow unrestricted access (i.e. 0.0.0.0/0) on TCP port 22 (SSH).
VPC firewall rules allow unrestricted inbound/ingress access on TCP port 1433 (SQL Server).
To reduce the attack surface for the VM instances associated with the firewall rules, ensure that your VPC network firewall rules do not allow unrestricted access (i.e. 0.0.0.0/0) on TCP port 1433 (SQL Server).