Skip to main content

Mondoo Google Cloud Platform (GCP) Resource Pack Reference

The Google Cloud Platform (GCP) resource pack lets you use MQL to query and assess the security of your Google cloud services.

Resources included in this pack:

IDDESCRIPTION
gcp.accessApprovalSettingsGoogle Cloud (GCP) access approval settings
gcp.essentialContactGoogle Cloud (GCP) contact
gcp.folderGoogle Cloud (GCP) folder
gcp.foldersGoogle Cloud (GCP) folders
gcp.organizationGoogle Cloud (GCP) organization
gcp.projectGoogle Cloud (GCP) project
gcp.project.apiKeyGoogle Cloud (GCP) project API key
gcp.project.apiKey.restrictionsGoogle Cloud (GCP) project API key restrictions
gcp.project.bigqueryServiceGoogle Cloud (GCP) BigQuery resources
gcp.project.bigqueryService.datasetGoogle Cloud (GCP) BigQuery dataset
gcp.project.bigqueryService.dataset.accessEntryGoogle Cloud (GCP) BigQuery dataset access entry
gcp.project.bigqueryService.modelGoogle Cloud (GCP) BigQuery ML model
gcp.project.bigqueryService.routineGoogle Cloud (GCP) BigQuery routine
gcp.project.bigqueryService.tableGoogle Cloud (GCP) BigQuery table
gcp.project.binaryAuthorizationControl
gcp.project.binaryAuthorizationControl.admissionRule
gcp.project.binaryAuthorizationControl.policy
gcp.project.cloudFunctionGCP cloud function
gcp.project.cloudRunServiceGoogle Cloud (GCP) Run resources
gcp.project.cloudRunService.conditionGoogle Cloud (GCP) Run condition
gcp.project.cloudRunService.containerGoogle Cloud (GCP) Run service revision template container
gcp.project.cloudRunService.container.probeGoogle Cloud (GCP) Run service revision template container probe
gcp.project.cloudRunService.jobGoogle Cloud (GCP) Run job
gcp.project.cloudRunService.job.executionTemplateGoogle Cloud (GCP) Run job execution template
gcp.project.cloudRunService.job.executionTemplate.taskTemplateGoogle Cloud (GCP) Run job execution template task template
gcp.project.cloudRunService.operationGoogle Cloud (GCP) Run operation
gcp.project.cloudRunService.serviceGoogle Cloud (GCP) Run service
gcp.project.cloudRunService.service.revisionTemplateGoogle Cloud (GCP) Run service revision template
gcp.project.computeServiceGoogle Cloud (GCP) Compute Engine
gcp.project.computeService.addressGoogle Cloud (GCP) Compute address
gcp.project.computeService.attachedDiskGoogle Cloud (GCP) Compute attached disk
gcp.project.computeService.backendServiceGoogle Cloud (GCP) Compute backend service
gcp.project.computeService.backendService.backendGoogle Cloud (GCP) Compute backend service backend
gcp.project.computeService.backendService.cdnPolicyGoogle Cloud (GCP) Compute backend service CDN policy
gcp.project.computeService.diskGoogle Cloud (GCP) Compute persistent disk
gcp.project.computeService.firewallGoogle Cloud (GCP) Compute firewall
gcp.project.computeService.forwardingRuleGoogle Cloud (GCP) Compute forwarding rules
gcp.project.computeService.imageGoogle Cloud (GCP) Compute
gcp.project.computeService.instanceGoogle Cloud (GCP) Compute instances
gcp.project.computeService.machineTypeGoogle Cloud (GCP) machine type
gcp.project.computeService.networkGoogle Cloud (GCP) Compute VPC network resource
gcp.project.computeService.regionGoogle Cloud (GCP) Compute region
gcp.project.computeService.routerGoogle Cloud (GCP) Compute cloud router
gcp.project.computeService.serviceaccountGoogle Cloud (GCP) Compute service account
gcp.project.computeService.snapshotGoogle Cloud (GCP) Compute persistent disk snapshot
gcp.project.computeService.subnetworkGoogle Cloud (GCP) Compute VPC network partitioning
gcp.project.computeService.subnetwork.logConfigGoogle Cloud (GCP) Compute VPC network partitioning log configuration
gcp.project.computeService.zoneGoogle Cloud (GCP) Compute zone
gcp.project.dataprocServiceGoogle Cloud (GCP) Dataproc resources
gcp.project.dataprocService.clusterGoogle Cloud (GCP) Dataproc cluster
gcp.project.dataprocService.cluster.configGoogle Cloud (GCP) Dataproc cluster config
gcp.project.dataprocService.cluster.config.gceClusterGoogle Cloud (GCP) Dataproc cluster endpoint config
gcp.project.dataprocService.cluster.config.gceCluster.reservationAffinityGoogle Cloud (GCP) Dataproc cluster GCE cluster reservation affinity config
gcp.project.dataprocService.cluster.config.gceCluster.shieldedInstanceConfigGoogle Cloud (GCP) Dataproc cluster GCE cluster shielded instance config
gcp.project.dataprocService.cluster.config.gkeClusterGoogle Cloud (GCP) Dataproc cluster GKE cluster config
gcp.project.dataprocService.cluster.config.instanceGoogle Cloud (GCP) Dataproc cluster instance config
gcp.project.dataprocService.cluster.config.instance.diskConfigGoogle Cloud (GCP) Dataproc cluster instance disk config
gcp.project.dataprocService.cluster.config.lifecycleGoogle Cloud (GCP) Dataproc cluster lifecycle config
gcp.project.dataprocService.cluster.statusGoogle Cloud (GCP) Dataproc cluster status
gcp.project.dataprocService.cluster.virtualClusterConfigGoogle Cloud (GCP) Dataproc cluster virtual cluster config
gcp.project.dnsServiceGoogle Cloud (GCP) DNS
gcp.project.dnsService.managedzoneGoogle Cloud (GCP) DNS managed zone (a resource that represents a DNS zone hosted by the Cloud DNS service)
gcp.project.dnsService.policyGoogle Cloud (GCP) DNS rules applied to one or more Virtual Private Cloud resources
gcp.project.dnsService.recordsetGoogle Cloud (GCP) DNS record set
gcp.project.gkeServiceGoogle Kubernetes Engine (GKE)
gcp.project.gkeService.clusterGoogle Kubernetes Engine (GKE) cluster
gcp.project.gkeService.cluster.addonsConfigGoogle Kubernetes Engine (GKE) cluster addons config
gcp.project.gkeService.cluster.ipAllocationPolicyGoogle Kubernetes Engine (GKE) cluster IP allocation policy
gcp.project.gkeService.cluster.networkConfigGoogle Kubernetes Engine (GKE) cluster network config
gcp.project.gkeService.cluster.nodepoolGoogle Kubernetes Engine (GKE) cluster node pool
gcp.project.gkeService.cluster.nodepool.configGoogle Kubernetes Engine (GKE) node pool configuration
gcp.project.gkeService.cluster.nodepool.config.acceleratorGoogle Kubernetes Engine (GKE) node pool hardware accelerators configuration
gcp.project.gkeService.cluster.nodepool.config.accelerator.gpuSharingConfigGoogle Kubernetes Engine (GKE) GPU sharing configuration
gcp.project.gkeService.cluster.nodepool.config.advancedMachineFeaturesGoogle Kubernetes Engine (GKE) node pool advanced machine features configuration
gcp.project.gkeService.cluster.nodepool.config.confidentialNodesGoogle Kubernetes Engine (GKE) node pool confidential nodes configuration
gcp.project.gkeService.cluster.nodepool.config.gcfsConfigGoogle Kubernetes Engine (GKE) node pool GCFS configuration
gcp.project.gkeService.cluster.nodepool.config.gvnicConfigGoogle Kubernetes Engine (GKE) node pool gVNIC configuration
gcp.project.gkeService.cluster.nodepool.config.kubeletConfigGoogle Kubernetes Engine (GKE) Node Pool kubelet configuration
gcp.project.gkeService.cluster.nodepool.config.linuxNodeConfigGoogle Kubernetes Engine (GKE) node pool parameters that can be configured on Linux nodes
gcp.project.gkeService.cluster.nodepool.config.nodeTaintGoogle Kubernetes Engine (GKE) Kubernetes node taint
gcp.project.gkeService.cluster.nodepool.config.sandboxConfigGoogle Kubernetes Engine (GKE) node pool sandbox configuration
gcp.project.gkeService.cluster.nodepool.config.shieldedInstanceConfigGoogle Kubernetes Engine (GKE) node pool shielded instance configuration
gcp.project.gkeService.cluster.nodepool.networkConfigGoogle Kubernetes Engine (GKE) node pool-Level network configuration
gcp.project.gkeService.cluster.nodepool.networkConfig.performanceConfigGoogle Kubernetes Engine (GKE) node pool network performance configuration
gcp.project.iamServiceGoogle Cloud (GCP) IAM resources
gcp.project.iamService.serviceAccountGoogle Cloud (GCP) service account
gcp.project.iamService.serviceAccount.keyGoogle Cloud (GCP) service account keys
gcp.project.kmsServiceGCP KMS resources
gcp.project.kmsService.keyringGoogle Cloud (GCP) KMS keyring
gcp.project.kmsService.keyring.cryptokeyGoogle Cloud (GCP) KMS crypto key
gcp.project.kmsService.keyring.cryptokey.versionGoogle Cloud (GCP) KMS crypto key version
gcp.project.kmsService.keyring.cryptokey.version.attestationGCP KMS crypto key version attestation
gcp.project.kmsService.keyring.cryptokey.version.attestation.certificatechainsGoogle Cloud (GCP) KMS crypto key version attestation certificate chains
gcp.project.kmsService.keyring.cryptokey.version.externalProtectionLevelOptionsGoogle Cloud (GCP) KMS crypto key version external protection level options
gcp.project.loggingserviceGoogle Cloud (GCP) Logging resources
gcp.project.loggingservice.bucketGoogle Cloud (GCP) Logging bucket
gcp.project.loggingservice.bucket.indexConfigGoogle Cloud (GCP) Logging bucket index config
gcp.project.loggingservice.metricGoogle Cloud (GCP) Logging metric
gcp.project.loggingservice.sinkGCP Logging sink
gcp.project.monitoringServiceGoogle Cloud (GCP) monitoring resources
gcp.project.monitoringService.alertPolicyGoogle Cloud (GCP) monitoring alert policy
gcp.project.pubsubServiceGoogle Cloud (GCP) Pub/Sub resources
gcp.project.pubsubService.snapshotGoogle Cloud (GCP) Pub/Sub snapshot
gcp.project.pubsubService.subscriptionGoogle Cloud (GCP) Pub/Sub subscription
gcp.project.pubsubService.subscription.configGoogle Cloud (GCP) Pub/Sub subscription configuration
gcp.project.pubsubService.subscription.config.pushconfigGCP Pub/Sub configuration for subscriptions that operate in push mode
gcp.project.pubsubService.topicGoogle Cloud (GCP) Pub/Sub topic
gcp.project.pubsubService.topic.configGoogle Cloud (GCP) Pub/Sub topic configuration
gcp.project.pubsubService.topic.config.messagestoragepolicyGoogle Cloud (GCP) Pub/Sub topic message storage policy
gcp.project.sqlServiceGoogle Cloud (GCP) SQL resources
gcp.project.sqlService.instanceGoogle Cloud (GCP) SQL instance
gcp.project.sqlService.instance.databaseGoogle Cloud (GCP) SQL instance database
gcp.project.sqlService.instance.ipMappingGoogle Cloud (GCP) SQL instance IP mapping
gcp.project.sqlService.instance.settingsGoogle Cloud (GCP) SQL instance settings
gcp.project.sqlService.instance.settings.backupconfigurationGoogle Cloud (GCP) SQL instance settings backup configuration
gcp.project.sqlService.instance.settings.denyMaintenancePeriodGoogle Cloud (GCP) SQL instance settings deny maintenance period
gcp.project.sqlService.instance.settings.ipConfigurationGoogle Cloud (GCP) SQL instance settings IP configuration
gcp.project.sqlService.instance.settings.maintenanceWindowGoogle Cloud (GCP) SQL instance settings maintenance window
gcp.project.sqlService.instance.settings.passwordValidationPolicyGoogle Cloud (GCP) SQL instance settings password validation policy
gcp.project.storageServiceGoogle Cloud (GCP) Storage
gcp.project.storageService.bucketGoogle Cloud (GCP) Storage bucket
gcp.projectsGoogle Cloud (GCP) projects
gcp.recommendationGoogle Cloud (GCP) recommendation and suggested action
gcp.resourcemanager.bindingGoogle Cloud (GCP) Resource Manager binding
gcp.serviceGoogle Cloud (GCP) service