Risk Level: Medium
Cloud Entity: GCP VPC Network
CloudGuard Rule ID: D9.GCP.NET.20
Covered by Spectral: Yes
Category: Networking & Content Delivery

GSL LOGIC

Network should not have name='default'

REMEDIATION

From Portal

Go to VPC networks https://console.cloud.google.com/networking/networks
Click the network named 'default'
Click DELETE VPC NETWORK

From TF
Set the auto_create_network to be equal to false:

resource 'google_project' 'my_project' {
	...
	auto_create_network   = false
	...
}

From Command Line
Run

gcloud compute networks delete default

References

GCP VPC Network

A VPC network, sometimes just called a “network,” is a virtual version of a physical network, like a data center network. It provides connectivity for your Compute Engine virtual machine (VM) instances, Kubernetes Engine clusters, App Engine Flex instances, and other resources in your project.

Projects can contain multiple VPC networks. New projects start with a default network that has one subnet in each region (an auto mo

Compliance Frameworks

CloudGuard GCP All Rules Ruleset
GCP CIS Controls V 8
GCP CIS Foundations v. 1.0.0
GCP CIS Foundations v. 1.1.0
GCP CIS Foundations v. 1.2.0
GCP CIS Foundations v. 1.3.0
GCP CIS Foundations v. 2.0
GCP CloudGuard Best Practices
GCP CloudGuard CheckUp
GCP CloudGuard Network Security
GCP GDPR Readiness
GCP HIPAA
GCP ISO 27001:2013
GCP LGPD regulation
GCP MITRE ATT&CK Framework v12.1
GCP NIST 800-53 Rev 4
GCP NIST 800-53 Rev 5
GCP NIST CSF v1.1
GCP PCI-DSS 3.2