gcp-audit

The GCP Audit project automates many of the audits found in the Center for Internet Security (CIS) Google Cloud Platform Foundation Benchmark. There is one script per benchmark. The script is named after the corresponding benchmark. The scripts can enumerate all projects in an organization and scan each project, or the user can pass in the project as a parameter.

Usage Instructions (Cloud Shell)

Video Tutorial

How to Use GCP Audit (Cloud Shell)

Usage Instructions (Local Terminal)

Video Tutorial

How to Use GCP Audit (Local Terminal)

Dependencies

An operating system to install the needed software

If you would like to use an Ubuntu virtual machine, install Ubuntu on VirtualBox or other hypervisor. Ubuntu runs better on VirtualBox if the Guest Additions are installed. If VirtualBox is not installed, install VirtualBox.

The Google Cloud Platform (GPC) gcloud client software

This video shows how to install the gcloud CLI on Ubuntu Linux. Otherwise, follow the instructions for your distribution

This project

git clone https://github.com/webpwnized/gcp-audit.git

Optional Pre-Installation Instructions

1. If you would like to use an Ubuntu virtual machine, install Ubuntu on VirtualBox or other hypervisor.

2. Ubuntu runs better on VirtualBox if the Guest Additions are installed.

3. If VirtualBox is not installed, install VirtualBox.

Contributing

Contributions are welcome! If you'd like to contribute to GCP Audit, please follow these steps:

1. Fork the repository.
2. Create a new branch (`git checkout -b feature/my-feature`).
3. Make your changes and commit them (`git commit -am 'Add new feature'`).
4. Push to the branch (`git push origin feature/my-feature`).
5. Create a new Pull Request.

Please read our Contribution Guidelines for more details.

License

This project is licensed under the GNU General Public License v3.0 - see the LICENSE file for details.