Ensure Excluding RDP Port For Google Compute Firewall

Ensure that the RDP port (3389) is excluded from Google Compute Firewall rules to enhance security. Allowing RDP access can expose your instances to potential attacks. By excluding this port, you reduce the risk of unauthorized access and improve the overall security posture of your network.

Risk Level: medium
Cloud Entity: Cloud Identity
Spectral Rule ID: TFGCP073
Category: Security and Identity

REMEDIATION

In the allow block of google_compute_firewall, set ports to a list that does not include 3389 (the RDP port):

resource "google_compute_firewall" "default" {
  name    = "test-firewall"
  network = google_compute_network.default.name

+  allow {
+    protocol = "tcp"
-    ports    = ["3389"]
+    ports    = ["80", "443", ...] # not RDP related ports
+  }
}
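The snippet above shows the fix for one explicit "3389" entry. A check for this rule has to catch three other ways an allow block opens RDP: protocol "all", a tcp block with no ports attribute (GCP treats that as every TCP port), and a port range such as "3000-4000" that contains 3389. The following is an added example written for this page, not Spectral's own implementation of TFGCP073; it assumes the firewall resources are available as dicts in the shape of Terraform's JSON syntax (one body per resource, allow as a list of blocks), and the sample resources are constructed here.

```python
"""Check google_compute_firewall bodies for TCP/3389 (RDP) exposure.

Added example, not Spectral's rule implementation. It assumes resource bodies
in the shape Terraform's JSON syntax uses: one dict per resource, with `allow`
as a list of blocks carrying `protocol` and an optional `ports` list.
"""

RDP_PORT = 3389


def port_spec_covers(spec: str, port: int) -> bool:
    """Return True if a GCP port spec such as "3389" or "3000-4000" includes `port`."""
    spec = str(spec).strip()
    if "-" in spec:
        low, high = (int(part) for part in spec.split("-", 1))
        return low <= port <= high
    return int(spec) == port


def allow_block_exposes_rdp(allow: dict) -> bool:
    """Decide whether one allow block opens TCP/3389.

    Three cases open RDP that a plain string search for "3389" would miss:
    protocol "all", a tcp block with no `ports` attribute (GCP reads that as
    every TCP port), and a port range that contains 3389.
    """
    protocol = str(allow.get("protocol", "")).lower()
    if protocol == "all":
        return True
    if protocol != "tcp":
        return False  # RDP is TCP/3389; udp or icmp blocks do not open it
    ports = allow.get("ports")
    if not ports:
        return True  # tcp with no ports list means all TCP ports
    return any(port_spec_covers(p, RDP_PORT) for p in ports)


def firewall_findings(resources: dict) -> list:
    """Return the labels of firewall resources whose ingress allow blocks expose RDP.

    `resources` maps the Terraform resource label to its body. Only ingress
    rules are reported: an egress allow for 3389 does not expose the instance.
    Direction defaults to INGRESS when omitted, as it does in GCP.
    """
    findings = []
    for label, body in resources.items():
        if str(body.get("direction", "INGRESS")).upper() != "INGRESS":
            continue
        for allow in body.get("allow", []):
            if allow_block_exposes_rdp(allow):
                findings.append(label)
                break
    return findings


# Constructed sample resources (not from the page); the keys mirror the
# google_compute_firewall arguments used in the remediation snippet.
SAMPLE_RESOURCES = {
    "web_only": {
        "name": "web-only",
        "allow": [{"protocol": "tcp", "ports": ["80", "443"]}],
    },
    "rdp_explicit": {
        "name": "rdp-explicit",
        "allow": [{"protocol": "tcp", "ports": ["3389"]}],
    },
    "rdp_in_range": {
        "name": "rdp-in-range",
        "allow": [{"protocol": "tcp", "ports": ["3000-4000"]}],
    },
    "tcp_all_ports": {
        "name": "tcp-all-ports",
        "allow": [{"protocol": "tcp"}],
    },
    "egress_rdp": {
        "name": "egress-rdp",
        "direction": "EGRESS",
        "allow": [{"protocol": "tcp", "ports": ["3389"]}],
    },
    "udp_3389": {
        "name": "udp-3389",
        "allow": [{"protocol": "udp", "ports": ["3389"]}],
    },
}


if __name__ == "__main__":
    for label in firewall_findings(SAMPLE_RESOURCES):
        print(f"{label}: an ingress allow block exposes TCP/{RDP_PORT}")
```

Run against the constructed sample, the check reports rdp_explicit, rdp_in_range and tcp_all_ports, and leaves web_only, the egress rule and the udp/3389 block alone; the range and no-ports cases are the ones a literal search for "3389" in the .tf file would not find.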

Cloud Identity

A unified identity, access, app, and endpoint management (IAM/EMM) platform.
