This repository will provide the tools required to validate the minimum guardrails for the GC Cloud Operationalization Framework for Google Cloud Platform.

Guardrail | Description | Enforcement | Link
---|---|---|---
01 | Protect Root / Global Admins Account | Doc | link
02 | Management of Administrative Privileges | Doc | link
03 | Cloud Console Access | Doc | link
04 | Enterprise Monitoring Accounts | Rego | link
05 | Data Location | Rego | link
06 | Protection of Data-At-Rest | Doc | link
07 | Protection of Data-In-Transit | Doc | link
08 | Segment and Separate | Rego | link
09 | Network Security Services | Rego | Link
10 | Cyber Defence Services | MOU | |
11 | Logging and Monitoring | Rego | Link
12 | Configuration of Cloud Marketplaces | Rego | Link

See gc guardrails accelerator gcp
It makes use of Open Policy Agent and GCP's Asset Inventory API to validate compliance of deployed resources.
See documentation