/
GCP-VM-instance-with-the-external-IP-address

GCP-VM-instance-with-the-external-IP-address

Severity: Medium

Description: This control ensures that VM instances do not have public ip address assigned. To reduce your attack surface, Compute instances should not have public IP addresses. Instead, instances should be configured behind load balancers, to minimize the instance's exposure to the internet.

Remediation Steps:

Perform following to remove public IP address of instance :

  1. Sign in to GCP Console https://console.cloud.google.com.

  2. Go to the VM instances page.

  3. Click on the instance name to go the the Instance detail page.

  4. Click Edit.

  5. For each Network interface, ensure that External IP is set to None.

  6. Click Done and then click Save.

Important:

Removing the external IP address from your Compute instance may cause some applications to stop working.

Reference:

Related content

GCP-VM-instances-have-IP-Forwarding-enabled
GCP-VM-instances-have-IP-Forwarding-enabled
More like this
GCP-VPCNetwork-Open-RDP
GCP-VPCNetwork-Open-RDP
More like this
GCP-Compute-VM-Max-Instances
GCP-Compute-VM-Max-Instances
More like this
GCP-VM-Instances-Confidential-Computing-Disabled
GCP-VM-Instances-Confidential-Computing-Disabled
More like this
GCP-Projects-have-OS-Login-disabled
GCP-Projects-have-OS-Login-disabled
More like this
AWS-EC2-Public-IP-Address-EC2-Instances
AWS-EC2-Public-IP-Address-EC2-Instances
More like this

Blue Hexagon Proprietary