sf

Hayat is a auditing & hardening script for Google Cloud Platform services such as: Identity & Access Management Networking Virtual Machines Storage Cloud SQL Instances Kubernetes Clusters for now. Identity & Access Management Ensure that corporate login credentials are used instead of Gmail accounts. Ensure that at that spot are entirely GCP-managed service trouble concern human relationship keys for each service account. Ensure that ServiceAccount has no Admin privileges. Ensure that IAM users are non assigned Service Account User role at projection level. Networking Ensure the default network does non be inward a project. Ensure legacy networks does non exists for a project. Ensure that DNSSEC is enabled for Cloud DNS. Ensure that RSASHA1 is non used for key-signing cardinal inward Cloud DNS DNSSEC. Ensure that RSASHA1 is non used for zone-signing cardinal inward Cloud DNS DNSSEC. Ensure that RDP access is restricted from the Internet. Ensur...