From 3a804d8073e8a72f60ec10da9f610c74e36b764f Mon Sep 17 00:00:00 2001 From: Yusuf Kanchwala Date: Wed, 10 Mar 2021 01:47:46 +0530 Subject: [PATCH] Revert "Updating Rule reference Id's and Policy categories (#582)" This reverts commit dbb5a91c4f0e09a6b79a4002424d9d7039e9c31d. --- .../{AC-GC-IA-GR-M-0001.json => accurics.gcp.IAM.145.json} | 4 ++-- .../{AC-GC-IA-BQ-H-0002.json => accurics.gcp.IAM.106.json} | 4 ++-- .../{AC-GC-DP-CD-M-0003.json => accurics.gcp.EKM.131.json} | 4 ++-- .../{AC-GC-DP-CI-M-0196.json => accurics.gcp.EKM.132.json} | 4 ++-- .../{AC-GC-IA-CI-M-0191.json => accurics.gcp.IAM.124.json} | 4 ++-- .../{AC-GC-IA-CI-M-0193.json => accurics.gcp.IAM.128.json} | 4 ++-- .../{AC-GC-IS-CI-H-0190.json => accurics.gcp.NS.125.json} | 4 ++-- .../{AC-GC-IS-CI-M-0192.json => accurics.gcp.NS.126.json} | 4 ++-- .../{AC-GC-IS-CI-M-0194.json => accurics.gcp.NS.129.json} | 4 ++-- .../{AC-GC-IS-CI-M-0195.json => accurics.gcp.NS.130.json} | 6 +++--- .../{AC-GC-IS-CI-M-0197.json => accurics.gcp.NS.133.json} | 4 ++-- .../{AC-GC-IS-CP-M-0198.json => accurics.gcp.EKM.134.json} | 4 ++-- .../{AC-GC-LM-CS-M-0199.json => accurics.gcp.LOG.118.json} | 4 ++-- .../{AC-GC-IA-CC-H-0208.json => accurics.gcp.IAM.104.json} | 6 +++--- .../{AC-GC-IA-CC-H-0211.json => accurics.gcp.IAM.110.json} | 4 ++-- .../{AC-GC-IA-CC-H-0204.json => accurics.gcp.IAM.142.json} | 4 ++-- .../{AC-GC-LM-CC-H-0202.json => accurics.gcp.LOG.100.json} | 4 ++-- .../{AC-GC-LM-CC-H-0203.json => accurics.gcp.MON.143.json} | 4 ++-- .../{AC-GC-IS-CC-H-0206.json => accurics.gcp.NS.103.json} | 4 ++-- .../{AC-GC-IS-CC-H-0209.json => accurics.gcp.NS.109.json} | 4 ++-- .../{AC-GC-IS-CC-H-0205.json => accurics.gcp.NS.112.json} | 4 ++-- .../{AC-GC-IS-CC-H-0212.json => accurics.gcp.NS.117.json} | 4 ++-- .../{AC-GC-CV-CC-H-0213.json => accurics.gcp.OPS.113.json} | 4 ++-- .../{AC-GC-CV-CC-H-0207.json => accurics.gcp.OPS.115.json} | 4 ++-- .../{AC-GC-CV-CC-H-0210.json => accurics.gcp.OPS.116.json} | 4 ++-- .../{AC-GC-SP-CN-H-0215.json => accurics.gcp.OPS.101.json} | 4 ++-- .../{AC-GC-CV-CN-H-0216.json => accurics.gcp.OPS.114.json} | 4 ++-- .../{AC-GC-SP-CN-M-0217.json => accurics.gcp.OPS.144.json} | 4 ++-- .../{AC-GC-IS-DZ-H-0219.json => accurics.gcp.EKM.108.json} | 4 ++-- .../{AC-GC-IS-DZ-H-0218.json => accurics.gcp.NS.107.json} | 4 ++-- .../{AC-GC-SP-KC-H-0220.json => accurics.gcp.EKM.007.json} | 4 ++-- .../{AC-GC-SP-KC-M-0221.json => accurics.gcp.EKM.139.json} | 4 ++-- .../{AC-GC-IS-PR-M-0222.json => accurics.gcp.NS.119.json} | 4 ++-- .../{AC-GC-LM-PA-H-0223.json => accurics.gcp.LOG.010.json} | 4 ++-- .../{AC-GC-IA-PB-M-0225.json => accurics.gcp.IAM.136.json} | 4 ++-- .../{AC-GC-IA-PB-H-0224.json => accurics.gcp.IAM.150.json} | 2 +- .../{AC-GC-IA-PM-M-0226.json => accurics.gcp.IAM.137.json} | 4 ++-- .../{AC-GC-IA-PM-M-0227.json => accurics.gcp.IAM.138.json} | 4 ++-- .../{AC-GC-RE-SQ-H-0231.json => accurics.gcp.BDR.105.json} | 4 ++-- .../{AC-GC-IS-SQ-H-0229.json => accurics.gcp.EKM.141.json} | 4 ++-- .../{AC-GC-IS-SQ-H-0230.json => accurics.gcp.NS.102.json} | 4 ++-- .../{AC-GC-IA-SB-M-0234.json => accurics.gcp.IAM.122.json} | 4 ++-- .../{AC-GC-LM-SB-H-0232.json => accurics.gcp.LOG.146.json} | 4 ++-- .../{AC-GC-LM-SB-H-0233.json => accurics.gcp.LOG.147.json} | 4 ++-- .../{AC-GC-IA-SI-M-0237.json => accurics.gcp.IAM.121.json} | 4 ++-- .../{AC-GC-IA-SM-H-0238.json => accurics.gcp.IAM.120.json} | 4 ++-- 46 files changed, 93 insertions(+), 93 deletions(-) rename pkg/policies/opa/rego/gcp/github_repository/{AC-GC-IA-GR-M-0001.json => accurics.gcp.IAM.145.json} (66%) rename pkg/policies/opa/rego/gcp/google_bigquery_dataset/{AC-GC-IA-BQ-H-0002.json => accurics.gcp.IAM.106.json} (71%) rename pkg/policies/opa/rego/gcp/google_compute_disk/{AC-GC-DP-CD-M-0003.json => accurics.gcp.EKM.131.json} (73%) rename pkg/policies/opa/rego/gcp/google_compute_instance/{AC-GC-DP-CI-M-0196.json => accurics.gcp.EKM.132.json} (74%) rename pkg/policies/opa/rego/gcp/google_compute_instance/{AC-GC-IA-CI-M-0191.json => accurics.gcp.IAM.124.json} (74%) rename pkg/policies/opa/rego/gcp/google_compute_instance/{AC-GC-IA-CI-M-0193.json => accurics.gcp.IAM.128.json} (77%) rename pkg/policies/opa/rego/gcp/google_compute_instance/{AC-GC-IS-CI-H-0190.json => accurics.gcp.NS.125.json} (77%) rename pkg/policies/opa/rego/gcp/google_compute_instance/{AC-GC-IS-CI-M-0192.json => accurics.gcp.NS.126.json} (79%) rename pkg/policies/opa/rego/gcp/google_compute_instance/{AC-GC-IS-CI-M-0194.json => accurics.gcp.NS.129.json} (79%) rename pkg/policies/opa/rego/gcp/google_compute_instance/{AC-GC-IS-CI-M-0195.json => accurics.gcp.NS.130.json} (77%) rename pkg/policies/opa/rego/gcp/google_compute_instance/{AC-GC-IS-CI-M-0197.json => accurics.gcp.NS.133.json} (73%) rename pkg/policies/opa/rego/gcp/google_compute_ssl_policy/{AC-GC-IS-CP-M-0198.json => accurics.gcp.EKM.134.json} (73%) rename pkg/policies/opa/rego/gcp/google_compute_subnetwork/{AC-GC-LM-CS-M-0199.json => accurics.gcp.LOG.118.json} (73%) rename pkg/policies/opa/rego/gcp/google_container_cluster/{AC-GC-IA-CC-H-0208.json => accurics.gcp.IAM.104.json} (71%) rename pkg/policies/opa/rego/gcp/google_container_cluster/{AC-GC-IA-CC-H-0211.json => accurics.gcp.IAM.110.json} (67%) rename pkg/policies/opa/rego/gcp/google_container_cluster/{AC-GC-IA-CC-H-0204.json => accurics.gcp.IAM.142.json} (71%) rename pkg/policies/opa/rego/gcp/google_container_cluster/{AC-GC-LM-CC-H-0202.json => accurics.gcp.LOG.100.json} (79%) rename pkg/policies/opa/rego/gcp/google_container_cluster/{AC-GC-LM-CC-H-0203.json => accurics.gcp.MON.143.json} (80%) rename pkg/policies/opa/rego/gcp/google_container_cluster/{AC-GC-IS-CC-H-0206.json => accurics.gcp.NS.103.json} (73%) rename pkg/policies/opa/rego/gcp/google_container_cluster/{AC-GC-IS-CC-H-0209.json => accurics.gcp.NS.109.json} (71%) rename pkg/policies/opa/rego/gcp/google_container_cluster/{AC-GC-IS-CC-H-0205.json => accurics.gcp.NS.112.json} (74%) rename pkg/policies/opa/rego/gcp/google_container_cluster/{AC-GC-IS-CC-H-0212.json => accurics.gcp.NS.117.json} (73%) rename pkg/policies/opa/rego/gcp/google_container_cluster/{AC-GC-CV-CC-H-0213.json => accurics.gcp.OPS.113.json} (72%) rename pkg/policies/opa/rego/gcp/google_container_cluster/{AC-GC-CV-CC-H-0207.json => accurics.gcp.OPS.115.json} (72%) rename pkg/policies/opa/rego/gcp/google_container_cluster/{AC-GC-CV-CC-H-0210.json => accurics.gcp.OPS.116.json} (75%) rename pkg/policies/opa/rego/gcp/google_container_node_pool/{AC-GC-SP-CN-H-0215.json => accurics.gcp.OPS.101.json} (78%) rename pkg/policies/opa/rego/gcp/google_container_node_pool/{AC-GC-CV-CN-H-0216.json => accurics.gcp.OPS.114.json} (74%) rename pkg/policies/opa/rego/gcp/google_container_node_pool/{AC-GC-SP-CN-M-0217.json => accurics.gcp.OPS.144.json} (78%) rename pkg/policies/opa/rego/gcp/google_dns_managed_zone/{AC-GC-IS-DZ-H-0219.json => accurics.gcp.EKM.108.json} (73%) rename pkg/policies/opa/rego/gcp/google_dns_managed_zone/{AC-GC-IS-DZ-H-0218.json => accurics.gcp.NS.107.json} (70%) rename pkg/policies/opa/rego/gcp/google_kms_crypto_key/{AC-GC-SP-KC-H-0220.json => accurics.gcp.EKM.007.json} (70%) rename pkg/policies/opa/rego/gcp/google_kms_crypto_key/{AC-GC-SP-KC-M-0221.json => accurics.gcp.EKM.139.json} (70%) rename pkg/policies/opa/rego/gcp/google_project/{AC-GC-IS-PR-M-0222.json => accurics.gcp.NS.119.json} (73%) rename pkg/policies/opa/rego/gcp/google_project_iam_audit_config/{AC-GC-LM-PA-H-0223.json => accurics.gcp.LOG.010.json} (76%) rename pkg/policies/opa/rego/gcp/google_project_iam_binding/{AC-GC-IA-PB-M-0225.json => accurics.gcp.IAM.136.json} (75%) rename pkg/policies/opa/rego/gcp/google_project_iam_binding/{AC-GC-IA-PB-H-0224.json => accurics.gcp.IAM.150.json} (86%) rename pkg/policies/opa/rego/gcp/google_project_iam_member/{AC-GC-IA-PM-M-0226.json => accurics.gcp.IAM.137.json} (75%) rename pkg/policies/opa/rego/gcp/google_project_iam_member/{AC-GC-IA-PM-M-0227.json => accurics.gcp.IAM.138.json} (71%) rename pkg/policies/opa/rego/gcp/google_sql_database_instance/{AC-GC-RE-SQ-H-0231.json => accurics.gcp.BDR.105.json} (71%) rename pkg/policies/opa/rego/gcp/google_sql_database_instance/{AC-GC-IS-SQ-H-0229.json => accurics.gcp.EKM.141.json} (72%) rename pkg/policies/opa/rego/gcp/google_sql_database_instance/{AC-GC-IS-SQ-H-0230.json => accurics.gcp.NS.102.json} (73%) rename pkg/policies/opa/rego/gcp/google_storage_bucket/{AC-GC-IA-SB-M-0234.json => accurics.gcp.IAM.122.json} (71%) rename pkg/policies/opa/rego/gcp/google_storage_bucket/{AC-GC-LM-SB-H-0232.json => accurics.gcp.LOG.146.json} (73%) rename pkg/policies/opa/rego/gcp/google_storage_bucket/{AC-GC-LM-SB-H-0233.json => accurics.gcp.LOG.147.json} (73%) rename pkg/policies/opa/rego/gcp/google_storage_bucket_iam_binding/{AC-GC-IA-SI-M-0237.json => accurics.gcp.IAM.121.json} (72%) rename pkg/policies/opa/rego/gcp/google_storage_bucket_iam_member/{AC-GC-IA-SM-H-0238.json => accurics.gcp.IAM.120.json} (71%) diff --git a/pkg/policies/opa/rego/gcp/github_repository/AC-GC-IA-GR-M-0001.json b/pkg/policies/opa/rego/gcp/github_repository/accurics.gcp.IAM.145.json similarity index 66% rename from pkg/policies/opa/rego/gcp/github_repository/AC-GC-IA-GR-M-0001.json rename to pkg/policies/opa/rego/gcp/github_repository/accurics.gcp.IAM.145.json index dcb041922..21c35a144 100755 --- a/pkg/policies/opa/rego/gcp/github_repository/AC-GC-IA-GR-M-0001.json +++ b/pkg/policies/opa/rego/gcp/github_repository/accurics.gcp.IAM.145.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "MEDIUM", "description": "Repository is Not Private.", - "reference_id": "AC-GC-IA-GR-M-0001", - "category": "Identity and Access Management", + "reference_id": "accurics.gcp.IAM.145", + "category": "Identity \u0026 Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_bigquery_dataset/AC-GC-IA-BQ-H-0002.json b/pkg/policies/opa/rego/gcp/google_bigquery_dataset/accurics.gcp.IAM.106.json similarity index 71% rename from pkg/policies/opa/rego/gcp/google_bigquery_dataset/AC-GC-IA-BQ-H-0002.json rename to pkg/policies/opa/rego/gcp/google_bigquery_dataset/accurics.gcp.IAM.106.json index 83942b0c1..169e6f627 100755 --- a/pkg/policies/opa/rego/gcp/google_bigquery_dataset/AC-GC-IA-BQ-H-0002.json +++ b/pkg/policies/opa/rego/gcp/google_bigquery_dataset/accurics.gcp.IAM.106.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "HIGH", "description": "BigQuery datasets may be anonymously or publicly accessible.", - "reference_id": "AC-GC-IA-BQ-H-0002", - "category": "Identity and Access Management", + "reference_id": "accurics.gcp.IAM.106", + "category": "Identity \u0026 Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_compute_disk/AC-GC-DP-CD-M-0003.json b/pkg/policies/opa/rego/gcp/google_compute_disk/accurics.gcp.EKM.131.json similarity index 73% rename from pkg/policies/opa/rego/gcp/google_compute_disk/AC-GC-DP-CD-M-0003.json rename to pkg/policies/opa/rego/gcp/google_compute_disk/accurics.gcp.EKM.131.json index d0a8dc504..34323cf4e 100755 --- a/pkg/policies/opa/rego/gcp/google_compute_disk/AC-GC-DP-CD-M-0003.json +++ b/pkg/policies/opa/rego/gcp/google_compute_disk/accurics.gcp.EKM.131.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "MEDIUM", "description": "Ensure VM disks for critical VMs are encrypted with Customer Supplied Encryption Keys (CSEK) .", - "reference_id": "AC-GC-DP-CD-M-0003", - "category": "Data Protection", + "reference_id": "accurics.gcp.EKM.131", + "category": "Encryption \u0026 Key Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_compute_instance/AC-GC-DP-CI-M-0196.json b/pkg/policies/opa/rego/gcp/google_compute_instance/accurics.gcp.EKM.132.json similarity index 74% rename from pkg/policies/opa/rego/gcp/google_compute_instance/AC-GC-DP-CI-M-0196.json rename to pkg/policies/opa/rego/gcp/google_compute_instance/accurics.gcp.EKM.132.json index 0c1da3466..19817f097 100755 --- a/pkg/policies/opa/rego/gcp/google_compute_instance/AC-GC-DP-CI-M-0196.json +++ b/pkg/policies/opa/rego/gcp/google_compute_instance/accurics.gcp.EKM.132.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "MEDIUM", "description": "VM disks attached to a compute instance should be encrypted with Customer Supplied Encryption Keys (CSEK) .", - "reference_id": "AC-GC-DP-CI-M-0196", - "category": "Data Protection", + "reference_id": "accurics.gcp.EKM.132", + "category": "Encryption \u0026 Key Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_compute_instance/AC-GC-IA-CI-M-0191.json b/pkg/policies/opa/rego/gcp/google_compute_instance/accurics.gcp.IAM.124.json similarity index 74% rename from pkg/policies/opa/rego/gcp/google_compute_instance/AC-GC-IA-CI-M-0191.json rename to pkg/policies/opa/rego/gcp/google_compute_instance/accurics.gcp.IAM.124.json index 689dbc260..bfa478fa3 100755 --- a/pkg/policies/opa/rego/gcp/google_compute_instance/AC-GC-IA-CI-M-0191.json +++ b/pkg/policies/opa/rego/gcp/google_compute_instance/accurics.gcp.IAM.124.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "MEDIUM", "description": "Instances may have been configured to use the default service account with full access to all Cloud APIs", - "reference_id": "AC-GC-IA-CI-M-0191", - "category": "Identity and Access Management", + "reference_id": "accurics.gcp.IAM.124", + "category": "Identity \u0026 Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_compute_instance/AC-GC-IA-CI-M-0193.json b/pkg/policies/opa/rego/gcp/google_compute_instance/accurics.gcp.IAM.128.json similarity index 77% rename from pkg/policies/opa/rego/gcp/google_compute_instance/AC-GC-IA-CI-M-0193.json rename to pkg/policies/opa/rego/gcp/google_compute_instance/accurics.gcp.IAM.128.json index 746e89f24..962bdb0c4 100755 --- a/pkg/policies/opa/rego/gcp/google_compute_instance/AC-GC-IA-CI-M-0193.json +++ b/pkg/policies/opa/rego/gcp/google_compute_instance/accurics.gcp.IAM.128.json @@ -7,7 +7,7 @@ }, "severity": "MEDIUM", "description": "Ensure that no instance in the project overrides the project setting for enabling OSLogin", - "reference_id": "AC-GC-IA-CI-M-0193", - "category": "Identity and Access Management", + "reference_id": "accurics.gcp.IAM.128", + "category": "Identity \u0026 Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_compute_instance/AC-GC-IS-CI-H-0190.json b/pkg/policies/opa/rego/gcp/google_compute_instance/accurics.gcp.NS.125.json similarity index 77% rename from pkg/policies/opa/rego/gcp/google_compute_instance/AC-GC-IS-CI-H-0190.json rename to pkg/policies/opa/rego/gcp/google_compute_instance/accurics.gcp.NS.125.json index b0e353532..42d58ee89 100755 --- a/pkg/policies/opa/rego/gcp/google_compute_instance/AC-GC-IS-CI-H-0190.json +++ b/pkg/policies/opa/rego/gcp/google_compute_instance/accurics.gcp.NS.125.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "HIGH", "description": "Instances may have been configured to use the default service account with full access to all Cloud APIs", - "reference_id": "AC-GC-IS-CI-H-0190", - "category": "Infrastructure Security", + "reference_id": "accurics.gcp.NS.125", + "category": "Access Control", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_compute_instance/AC-GC-IS-CI-M-0192.json b/pkg/policies/opa/rego/gcp/google_compute_instance/accurics.gcp.NS.126.json similarity index 79% rename from pkg/policies/opa/rego/gcp/google_compute_instance/AC-GC-IS-CI-M-0192.json rename to pkg/policies/opa/rego/gcp/google_compute_instance/accurics.gcp.NS.126.json index 0d1181f1c..a9204e7cc 100755 --- a/pkg/policies/opa/rego/gcp/google_compute_instance/AC-GC-IS-CI-M-0192.json +++ b/pkg/policies/opa/rego/gcp/google_compute_instance/accurics.gcp.NS.126.json @@ -7,7 +7,7 @@ }, "severity": "MEDIUM", "description": "Ensure 'Block Project-wide SSH keys' is enabled for VM instances.", - "reference_id": "AC-GC-IS-CI-M-0192", - "category": "Infrastructure Security", + "reference_id": "accurics.gcp.NS.126", + "category": "Network Security", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_compute_instance/AC-GC-IS-CI-M-0194.json b/pkg/policies/opa/rego/gcp/google_compute_instance/accurics.gcp.NS.129.json similarity index 79% rename from pkg/policies/opa/rego/gcp/google_compute_instance/AC-GC-IS-CI-M-0194.json rename to pkg/policies/opa/rego/gcp/google_compute_instance/accurics.gcp.NS.129.json index 22c0ad9bd..8ab435948 100755 --- a/pkg/policies/opa/rego/gcp/google_compute_instance/AC-GC-IS-CI-M-0194.json +++ b/pkg/policies/opa/rego/gcp/google_compute_instance/accurics.gcp.NS.129.json @@ -7,7 +7,7 @@ }, "severity": "MEDIUM", "description": "Ensure 'Enable connecting to serial ports' is not enabled for VM instances.", - "reference_id": "AC-GC-IS-CI-M-0194", - "category": "Infrastructure Security", + "reference_id": "accurics.gcp.NS.129", + "category": "Network Security", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_compute_instance/AC-GC-IS-CI-M-0195.json b/pkg/policies/opa/rego/gcp/google_compute_instance/accurics.gcp.NS.130.json similarity index 77% rename from pkg/policies/opa/rego/gcp/google_compute_instance/AC-GC-IS-CI-M-0195.json rename to pkg/policies/opa/rego/gcp/google_compute_instance/accurics.gcp.NS.130.json index f6b3236fb..65f10a5d6 100755 --- a/pkg/policies/opa/rego/gcp/google_compute_instance/AC-GC-IS-CI-M-0195.json +++ b/pkg/policies/opa/rego/gcp/google_compute_instance/accurics.gcp.NS.130.json @@ -8,7 +8,7 @@ }, "severity": "MEDIUM", "description": "Ensure IP forwarding is not enabled on Instances.", - "reference_id": "AC-GC-IS-CI-M-0195", - "category": "Infrastructure Security", + "reference_id": "accurics.gcp.NS.130", + "category": "Network Security", "version": 1 -} \ No newline at end of file +} diff --git a/pkg/policies/opa/rego/gcp/google_compute_instance/AC-GC-IS-CI-M-0197.json b/pkg/policies/opa/rego/gcp/google_compute_instance/accurics.gcp.NS.133.json similarity index 73% rename from pkg/policies/opa/rego/gcp/google_compute_instance/AC-GC-IS-CI-M-0197.json rename to pkg/policies/opa/rego/gcp/google_compute_instance/accurics.gcp.NS.133.json index 02e3eabb3..a0155b5c5 100755 --- a/pkg/policies/opa/rego/gcp/google_compute_instance/AC-GC-IS-CI-M-0197.json +++ b/pkg/policies/opa/rego/gcp/google_compute_instance/accurics.gcp.NS.133.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "MEDIUM", "description": "Ensure Compute instances are launched with Shielded VM enabled.", - "reference_id": "AC-GC-IS-CI-M-0197", - "category": "Infrastructure Security", + "reference_id": "accurics.gcp.NS.133", + "category": "Network Security ", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_compute_ssl_policy/AC-GC-IS-CP-M-0198.json b/pkg/policies/opa/rego/gcp/google_compute_ssl_policy/accurics.gcp.EKM.134.json similarity index 73% rename from pkg/policies/opa/rego/gcp/google_compute_ssl_policy/AC-GC-IS-CP-M-0198.json rename to pkg/policies/opa/rego/gcp/google_compute_ssl_policy/accurics.gcp.EKM.134.json index 4a8c675ee..5111a107f 100755 --- a/pkg/policies/opa/rego/gcp/google_compute_ssl_policy/AC-GC-IS-CP-M-0198.json +++ b/pkg/policies/opa/rego/gcp/google_compute_ssl_policy/accurics.gcp.EKM.134.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "MEDIUM", "description": "Ensure no HTTPS or SSL proxy load balancers permit SSL policies with weak cipher suites.", - "reference_id": "AC-GC-IS-CP-M-0198", - "category": "Infrastructure Security", + "reference_id": "accurics.gcp.EKM.134", + "category": "Encryption \u0026 Key Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_compute_subnetwork/AC-GC-LM-CS-M-0199.json b/pkg/policies/opa/rego/gcp/google_compute_subnetwork/accurics.gcp.LOG.118.json similarity index 73% rename from pkg/policies/opa/rego/gcp/google_compute_subnetwork/AC-GC-LM-CS-M-0199.json rename to pkg/policies/opa/rego/gcp/google_compute_subnetwork/accurics.gcp.LOG.118.json index ec2c9e4af..3e7cf548f 100755 --- a/pkg/policies/opa/rego/gcp/google_compute_subnetwork/AC-GC-LM-CS-M-0199.json +++ b/pkg/policies/opa/rego/gcp/google_compute_subnetwork/accurics.gcp.LOG.118.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "MEDIUM", "description": "Ensure that VPC Flow Logs is enabled for every subnet in a VPC Network.", - "reference_id": "AC-GC-LM-CS-M-0199", - "category": "Logging and Monitoring", + "reference_id": "accurics.gcp.LOG.118", + "category": "Logging ", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-IA-CC-H-0208.json b/pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.IAM.104.json similarity index 71% rename from pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-IA-CC-H-0208.json rename to pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.IAM.104.json index 1bb434d62..1bf1c0c0a 100755 --- a/pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-IA-CC-H-0208.json +++ b/pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.IAM.104.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "HIGH", "description": "Ensure Kubernetes Cluster is created with Client Certificate disabled.", - "reference_id": "AC-GC-IA-CC-H-0208", - "category": "Identity and Access Management", + "reference_id": "accurics.gcp.IAM.104", + "category": "Identity \u0026 Access Management", "version": 1 -} \ No newline at end of file +} diff --git a/pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-IA-CC-H-0211.json b/pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.IAM.110.json similarity index 67% rename from pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-IA-CC-H-0211.json rename to pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.IAM.110.json index ebcc5465e..f7c746f2e 100755 --- a/pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-IA-CC-H-0211.json +++ b/pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.IAM.110.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "HIGH", "description": "Ensure GKE basic auth is disabled.", - "reference_id": "AC-GC-IA-CC-H-0211", - "category": "Identity and Access Management", + "reference_id": "accurics.gcp.IAM.110", + "category": "Identity \u0026 Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-IA-CC-H-0204.json b/pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.IAM.142.json similarity index 71% rename from pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-IA-CC-H-0204.json rename to pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.IAM.142.json index 4c640e5dd..1c82938ca 100755 --- a/pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-IA-CC-H-0204.json +++ b/pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.IAM.142.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "HIGH", "description": "Ensure Legacy Authorization is set to disabled on Kubernetes Engine Clusters.", - "reference_id": "AC-GC-IA-CC-H-0204", - "category": "Identity and Access Management", + "reference_id": "accurics.gcp.IAM.142", + "category": "Identity \u0026 Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-LM-CC-H-0202.json b/pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.LOG.100.json similarity index 79% rename from pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-LM-CC-H-0202.json rename to pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.LOG.100.json index 933510b99..ce8850846 100755 --- a/pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-LM-CC-H-0202.json +++ b/pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.LOG.100.json @@ -7,7 +7,7 @@ }, "severity": "HIGH", "description": "Ensure Stackdriver Logging is enabled on Kubernetes Engine Clusters.", - "reference_id": "AC-GC-LM-CC-H-0202", - "category": "Logging and Monitoring", + "reference_id": "accurics.gcp.LOG.100", + "category": "Logging", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-LM-CC-H-0203.json b/pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.MON.143.json similarity index 80% rename from pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-LM-CC-H-0203.json rename to pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.MON.143.json index 335e41e15..3160108d7 100755 --- a/pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-LM-CC-H-0203.json +++ b/pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.MON.143.json @@ -7,7 +7,7 @@ }, "severity": "HIGH", "description": "Ensure Stackdriver Monitoring is enabled on Kubernetes Engine Clusters.", - "reference_id": "AC-GC-LM-CC-H-0203", - "category": "Logging and Monitoring", + "reference_id": "accurics.gcp.MON.143", + "category": "Monitoring", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-IS-CC-H-0206.json b/pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.NS.103.json similarity index 73% rename from pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-IS-CC-H-0206.json rename to pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.NS.103.json index 48d0099e1..4bdb34d97 100755 --- a/pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-IS-CC-H-0206.json +++ b/pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.NS.103.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "HIGH", "description": "Ensure Network policy is enabled on Kubernetes Engine Clusters.", - "reference_id": "AC-GC-IS-CC-H-0206", - "category": "Infrastructure Security", + "reference_id": "accurics.gcp.NS.103", + "category": "Network Security", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-IS-CC-H-0209.json b/pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.NS.109.json similarity index 71% rename from pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-IS-CC-H-0209.json rename to pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.NS.109.json index f291642db..9d86bed43 100755 --- a/pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-IS-CC-H-0209.json +++ b/pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.NS.109.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "HIGH", "description": "Ensure GKE Control Plane is not public.", - "reference_id": "AC-GC-IS-CC-H-0209", - "category": "Infrastructure Security", + "reference_id": "accurics.gcp.NS.109", + "category": "Network Security", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-IS-CC-H-0205.json b/pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.NS.112.json similarity index 74% rename from pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-IS-CC-H-0205.json rename to pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.NS.112.json index 6a6c9d6bc..3469d7179 100755 --- a/pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-IS-CC-H-0205.json +++ b/pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.NS.112.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "HIGH", "description": "Ensure Master Authentication is set to enabled on Kubernetes Engine Clusters.", - "reference_id": "AC-GC-IS-CC-H-0205", - "category": "Infrastructure Security", + "reference_id": "accurics.gcp.NS.112", + "category": "Network Security", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-IS-CC-H-0212.json b/pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.NS.117.json similarity index 73% rename from pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-IS-CC-H-0212.json rename to pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.NS.117.json index a5a35cc95..83fc5878e 100755 --- a/pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-IS-CC-H-0212.json +++ b/pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.NS.117.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "HIGH", "description": "Ensure Kubernetes Cluster is created with Private cluster enabled.", - "reference_id": "AC-GC-IS-CC-H-0212", - "category": "Infrastructure Security", + "reference_id": "accurics.gcp.NS.117", + "category": "Network Security", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-CV-CC-H-0213.json b/pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.OPS.113.json similarity index 72% rename from pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-CV-CC-H-0213.json rename to pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.OPS.113.json index 4bdabdbad..7c13f89bd 100755 --- a/pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-CV-CC-H-0213.json +++ b/pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.OPS.113.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "HIGH", "description": "Ensure Kubernetes Clusters are configured with Labels.", - "reference_id": "AC-GC-CV-CC-H-0213", - "category": "Compliance Validation", + "reference_id": "accurics.gcp.OPS.113", + "category": "Operational Efficiency", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-CV-CC-H-0207.json b/pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.OPS.115.json similarity index 72% rename from pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-CV-CC-H-0207.json rename to pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.OPS.115.json index ebc458cd0..4e3355e4b 100755 --- a/pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-CV-CC-H-0207.json +++ b/pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.OPS.115.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "HIGH", "description": "Ensure Kubernetes Cluster is created with Alias IP ranges enabled", - "reference_id": "AC-GC-CV-CC-H-0207", - "category": "Compliance Validation", + "reference_id": "accurics.gcp.OPS.115", + "category": "Operational Efficiency", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-CV-CC-H-0210.json b/pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.OPS.116.json similarity index 75% rename from pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-CV-CC-H-0210.json rename to pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.OPS.116.json index e1bb98cff..7280c676f 100755 --- a/pkg/policies/opa/rego/gcp/google_container_cluster/AC-GC-CV-CC-H-0210.json +++ b/pkg/policies/opa/rego/gcp/google_container_cluster/accurics.gcp.OPS.116.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "HIGH", "description": "Ensure PodSecurityPolicy controller is enabled on the Kubernetes Engine Clusters.", - "reference_id": "AC-GC-CV-CC-H-0210", - "category": "Compliance Validation", + "reference_id": "accurics.gcp.OPS.116", + "category": "Operational Efficiency", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_container_node_pool/AC-GC-SP-CN-H-0215.json b/pkg/policies/opa/rego/gcp/google_container_node_pool/accurics.gcp.OPS.101.json similarity index 78% rename from pkg/policies/opa/rego/gcp/google_container_node_pool/AC-GC-SP-CN-H-0215.json rename to pkg/policies/opa/rego/gcp/google_container_node_pool/accurics.gcp.OPS.101.json index 8258afa04..62ec43385 100755 --- a/pkg/policies/opa/rego/gcp/google_container_node_pool/AC-GC-SP-CN-H-0215.json +++ b/pkg/policies/opa/rego/gcp/google_container_node_pool/accurics.gcp.OPS.101.json @@ -7,7 +7,7 @@ }, "severity": "HIGH", "description": "Ensure 'Automatic node upgrade' is enabled for Kubernetes Clusters.", - "reference_id": "AC-GC-SP-CN-H-0215", - "category": "Security Best Practices", + "reference_id": "accurics.gcp.OPS.101", + "category": "Operational Efficiency", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_container_node_pool/AC-GC-CV-CN-H-0216.json b/pkg/policies/opa/rego/gcp/google_container_node_pool/accurics.gcp.OPS.114.json similarity index 74% rename from pkg/policies/opa/rego/gcp/google_container_node_pool/AC-GC-CV-CN-H-0216.json rename to pkg/policies/opa/rego/gcp/google_container_node_pool/accurics.gcp.OPS.114.json index 95d76359a..b871a33f3 100755 --- a/pkg/policies/opa/rego/gcp/google_container_node_pool/AC-GC-CV-CN-H-0216.json +++ b/pkg/policies/opa/rego/gcp/google_container_node_pool/accurics.gcp.OPS.114.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "HIGH", "description": "Ensure Container-Optimized OS (cos) is used for Kubernetes Engine Clusters Node image.", - "reference_id": "AC-GC-CV-CN-H-0216", - "category": "Compliance Validation", + "reference_id": "accurics.gcp.OPS.114", + "category": "Operational Efficiency", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_container_node_pool/AC-GC-SP-CN-M-0217.json b/pkg/policies/opa/rego/gcp/google_container_node_pool/accurics.gcp.OPS.144.json similarity index 78% rename from pkg/policies/opa/rego/gcp/google_container_node_pool/AC-GC-SP-CN-M-0217.json rename to pkg/policies/opa/rego/gcp/google_container_node_pool/accurics.gcp.OPS.144.json index 2f7d36589..434faa6c0 100755 --- a/pkg/policies/opa/rego/gcp/google_container_node_pool/AC-GC-SP-CN-M-0217.json +++ b/pkg/policies/opa/rego/gcp/google_container_node_pool/accurics.gcp.OPS.144.json @@ -7,7 +7,7 @@ }, "severity": "MEDIUM", "description": "Ensure 'Automatic node repair' is enabled for Kubernetes Clusters.", - "reference_id": "AC-GC-SP-CN-M-0217", - "category": "Security Best Practices", + "reference_id": "accurics.gcp.OPS.144", + "category": "Operational Efficiency", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_dns_managed_zone/AC-GC-IS-DZ-H-0219.json b/pkg/policies/opa/rego/gcp/google_dns_managed_zone/accurics.gcp.EKM.108.json similarity index 73% rename from pkg/policies/opa/rego/gcp/google_dns_managed_zone/AC-GC-IS-DZ-H-0219.json rename to pkg/policies/opa/rego/gcp/google_dns_managed_zone/accurics.gcp.EKM.108.json index 391f71fb9..f676e85b3 100755 --- a/pkg/policies/opa/rego/gcp/google_dns_managed_zone/AC-GC-IS-DZ-H-0219.json +++ b/pkg/policies/opa/rego/gcp/google_dns_managed_zone/accurics.gcp.EKM.108.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "HIGH", "description": "Ensure that RSASHA1 is not used for the zone-signing and key-signing keys in Cloud DNS DNSSEC.", - "reference_id": "AC-GC-IS-DZ-H-0219", - "category": "Infrastructure Security", + "reference_id": "accurics.gcp.EKM.108", + "category": "Encryption \u0026 Key Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_dns_managed_zone/AC-GC-IS-DZ-H-0218.json b/pkg/policies/opa/rego/gcp/google_dns_managed_zone/accurics.gcp.NS.107.json similarity index 70% rename from pkg/policies/opa/rego/gcp/google_dns_managed_zone/AC-GC-IS-DZ-H-0218.json rename to pkg/policies/opa/rego/gcp/google_dns_managed_zone/accurics.gcp.NS.107.json index 374cbdb2b..4de57e66c 100755 --- a/pkg/policies/opa/rego/gcp/google_dns_managed_zone/AC-GC-IS-DZ-H-0218.json +++ b/pkg/policies/opa/rego/gcp/google_dns_managed_zone/accurics.gcp.NS.107.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "HIGH", "description": "Ensure that DNSSEC is enabled for Cloud DNS.", - "reference_id": "AC-GC-IS-DZ-H-0218", - "category": "Infrastructure Security", + "reference_id": "accurics.gcp.NS.107", + "category": "Network Security", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_kms_crypto_key/AC-GC-SP-KC-H-0220.json b/pkg/policies/opa/rego/gcp/google_kms_crypto_key/accurics.gcp.EKM.007.json similarity index 70% rename from pkg/policies/opa/rego/gcp/google_kms_crypto_key/AC-GC-SP-KC-H-0220.json rename to pkg/policies/opa/rego/gcp/google_kms_crypto_key/accurics.gcp.EKM.007.json index e59572036..3387471ac 100755 --- a/pkg/policies/opa/rego/gcp/google_kms_crypto_key/AC-GC-SP-KC-H-0220.json +++ b/pkg/policies/opa/rego/gcp/google_kms_crypto_key/accurics.gcp.EKM.007.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "HIGH", "description": "Ensure Encryption keys are rotated within a period of 365 days.", - "reference_id": "AC-GC-SP-KC-H-0220", - "category": "Security Best Practices", + "reference_id": "accurics.gcp.EKM.007", + "category": "Encryption \u0026 Key Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_kms_crypto_key/AC-GC-SP-KC-M-0221.json b/pkg/policies/opa/rego/gcp/google_kms_crypto_key/accurics.gcp.EKM.139.json similarity index 70% rename from pkg/policies/opa/rego/gcp/google_kms_crypto_key/AC-GC-SP-KC-M-0221.json rename to pkg/policies/opa/rego/gcp/google_kms_crypto_key/accurics.gcp.EKM.139.json index 5479dfb30..01ee2db34 100755 --- a/pkg/policies/opa/rego/gcp/google_kms_crypto_key/AC-GC-SP-KC-M-0221.json +++ b/pkg/policies/opa/rego/gcp/google_kms_crypto_key/accurics.gcp.EKM.139.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "MEDIUM", "description": "Ensure Encryption keys are rotated within a period of 90 days.", - "reference_id": "AC-GC-SP-KC-M-0221", - "category": "Security Best Practices", + "reference_id": "accurics.gcp.EKM.139", + "category": "Encryption \u0026 Key Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_project/AC-GC-IS-PR-M-0222.json b/pkg/policies/opa/rego/gcp/google_project/accurics.gcp.NS.119.json similarity index 73% rename from pkg/policies/opa/rego/gcp/google_project/AC-GC-IS-PR-M-0222.json rename to pkg/policies/opa/rego/gcp/google_project/accurics.gcp.NS.119.json index 3a07396b1..6b28b7a08 100755 --- a/pkg/policies/opa/rego/gcp/google_project/AC-GC-IS-PR-M-0222.json +++ b/pkg/policies/opa/rego/gcp/google_project/accurics.gcp.NS.119.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "MEDIUM", "description": "Ensure that the default network does not exist in a project.", - "reference_id": "AC-GC-IS-PR-M-0222", - "category": "Infrastructure Security", + "reference_id": "accurics.gcp.NS.119", + "category": "Network Security", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_project_iam_audit_config/AC-GC-LM-PA-H-0223.json b/pkg/policies/opa/rego/gcp/google_project_iam_audit_config/accurics.gcp.LOG.010.json similarity index 76% rename from pkg/policies/opa/rego/gcp/google_project_iam_audit_config/AC-GC-LM-PA-H-0223.json rename to pkg/policies/opa/rego/gcp/google_project_iam_audit_config/accurics.gcp.LOG.010.json index a85b8b75d..66abdca78 100755 --- a/pkg/policies/opa/rego/gcp/google_project_iam_audit_config/AC-GC-LM-PA-H-0223.json +++ b/pkg/policies/opa/rego/gcp/google_project_iam_audit_config/accurics.gcp.LOG.010.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "HIGH", "description": "Ensure that Cloud Audit Logging is configured properly across all services and all users from a project.", - "reference_id": "AC-GC-LM-PA-H-0223", - "category": "Logging and Monitoring", + "reference_id": "accurics.gcp.LOG.010", + "category": "Logging", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_project_iam_binding/AC-GC-IA-PB-M-0225.json b/pkg/policies/opa/rego/gcp/google_project_iam_binding/accurics.gcp.IAM.136.json similarity index 75% rename from pkg/policies/opa/rego/gcp/google_project_iam_binding/AC-GC-IA-PB-M-0225.json rename to pkg/policies/opa/rego/gcp/google_project_iam_binding/accurics.gcp.IAM.136.json index dc3b9853b..d7c6fee0d 100755 --- a/pkg/policies/opa/rego/gcp/google_project_iam_binding/AC-GC-IA-PB-M-0225.json +++ b/pkg/policies/opa/rego/gcp/google_project_iam_binding/accurics.gcp.IAM.136.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "MEDIUM", "description": "Ensure that IAM users are not assigned the Service Account User or Service Account Token Creator roles at project level.", - "reference_id": "AC-GC-IA-PB-M-0225", - "category": "Identity and Access Management", + "reference_id": "accurics.gcp.IAM.136", + "category": "Identity \u0026 Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_project_iam_binding/AC-GC-IA-PB-H-0224.json b/pkg/policies/opa/rego/gcp/google_project_iam_binding/accurics.gcp.IAM.150.json similarity index 86% rename from pkg/policies/opa/rego/gcp/google_project_iam_binding/AC-GC-IA-PB-H-0224.json rename to pkg/policies/opa/rego/gcp/google_project_iam_binding/accurics.gcp.IAM.150.json index 171060ca6..bfed380e9 100755 --- a/pkg/policies/opa/rego/gcp/google_project_iam_binding/AC-GC-IA-PB-H-0224.json +++ b/pkg/policies/opa/rego/gcp/google_project_iam_binding/accurics.gcp.IAM.150.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "HIGH", "description": "Ensure that corporate login credentials are used instead of Gmail accounts.", - "reference_id": "AC-GC-IA-PB-H-0224", + "reference_id": "accurics.gcp.IAM.150", "category": "Identity and Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_project_iam_member/AC-GC-IA-PM-M-0226.json b/pkg/policies/opa/rego/gcp/google_project_iam_member/accurics.gcp.IAM.137.json similarity index 75% rename from pkg/policies/opa/rego/gcp/google_project_iam_member/AC-GC-IA-PM-M-0226.json rename to pkg/policies/opa/rego/gcp/google_project_iam_member/accurics.gcp.IAM.137.json index 1e8cc602d..bbcd89885 100755 --- a/pkg/policies/opa/rego/gcp/google_project_iam_member/AC-GC-IA-PM-M-0226.json +++ b/pkg/policies/opa/rego/gcp/google_project_iam_member/accurics.gcp.IAM.137.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "MEDIUM", "description": "Ensure that IAM users are not assigned the Service Account User or Service Account Token Creator roles at project level.", - "reference_id": "AC-GC-IA-PM-M-0226", - "category": "Identity and Access Management", + "reference_id": "accurics.gcp.IAM.137", + "category": "Identity \u0026 Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_project_iam_member/AC-GC-IA-PM-M-0227.json b/pkg/policies/opa/rego/gcp/google_project_iam_member/accurics.gcp.IAM.138.json similarity index 71% rename from pkg/policies/opa/rego/gcp/google_project_iam_member/AC-GC-IA-PM-M-0227.json rename to pkg/policies/opa/rego/gcp/google_project_iam_member/accurics.gcp.IAM.138.json index cb18c702b..c5da6a6bf 100755 --- a/pkg/policies/opa/rego/gcp/google_project_iam_member/AC-GC-IA-PM-M-0227.json +++ b/pkg/policies/opa/rego/gcp/google_project_iam_member/accurics.gcp.IAM.138.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "MEDIUM", "description": "Ensure that Service Account has no Admin privileges.", - "reference_id": "AC-GC-IA-PM-M-0227", - "category": "Identity and Access Management", + "reference_id": "accurics.gcp.IAM.138", + "category": "Identity \u0026 Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_sql_database_instance/AC-GC-RE-SQ-H-0231.json b/pkg/policies/opa/rego/gcp/google_sql_database_instance/accurics.gcp.BDR.105.json similarity index 71% rename from pkg/policies/opa/rego/gcp/google_sql_database_instance/AC-GC-RE-SQ-H-0231.json rename to pkg/policies/opa/rego/gcp/google_sql_database_instance/accurics.gcp.BDR.105.json index e92991c43..ed655f3c5 100755 --- a/pkg/policies/opa/rego/gcp/google_sql_database_instance/AC-GC-RE-SQ-H-0231.json +++ b/pkg/policies/opa/rego/gcp/google_sql_database_instance/accurics.gcp.BDR.105.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "HIGH", "description": "Ensure all Cloud SQL database instance have backup configuration enabled.", - "reference_id": "AC-GC-RE-SQ-H-0231", - "category": "Resilience", + "reference_id": "accurics.gcp.BDR.105", + "category": "Backup \u0026 Disaster Recovery", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_sql_database_instance/AC-GC-IS-SQ-H-0229.json b/pkg/policies/opa/rego/gcp/google_sql_database_instance/accurics.gcp.EKM.141.json similarity index 72% rename from pkg/policies/opa/rego/gcp/google_sql_database_instance/AC-GC-IS-SQ-H-0229.json rename to pkg/policies/opa/rego/gcp/google_sql_database_instance/accurics.gcp.EKM.141.json index a6f377208..25e5366e6 100755 --- a/pkg/policies/opa/rego/gcp/google_sql_database_instance/AC-GC-IS-SQ-H-0229.json +++ b/pkg/policies/opa/rego/gcp/google_sql_database_instance/accurics.gcp.EKM.141.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "HIGH", "description": "Ensure that Cloud SQL database instance requires all incoming connections to use SSL", - "reference_id": "AC-GC-IS-SQ-H-0229", - "category": "Infrastructure Security", + "reference_id": "accurics.gcp.EKM.141", + "category": "Encryption \u0026 Key Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_sql_database_instance/AC-GC-IS-SQ-H-0230.json b/pkg/policies/opa/rego/gcp/google_sql_database_instance/accurics.gcp.NS.102.json similarity index 73% rename from pkg/policies/opa/rego/gcp/google_sql_database_instance/AC-GC-IS-SQ-H-0230.json rename to pkg/policies/opa/rego/gcp/google_sql_database_instance/accurics.gcp.NS.102.json index bdc760e23..9fb0f171c 100755 --- a/pkg/policies/opa/rego/gcp/google_sql_database_instance/AC-GC-IS-SQ-H-0230.json +++ b/pkg/policies/opa/rego/gcp/google_sql_database_instance/accurics.gcp.NS.102.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "HIGH", "description": "Ensure that Cloud SQL database Instances are not open to the world.", - "reference_id": "AC-GC-IS-SQ-H-0230", - "category": "Infrastructure Security", + "reference_id": "accurics.gcp.NS.102", + "category": "Network Security", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_storage_bucket/AC-GC-IA-SB-M-0234.json b/pkg/policies/opa/rego/gcp/google_storage_bucket/accurics.gcp.IAM.122.json similarity index 71% rename from pkg/policies/opa/rego/gcp/google_storage_bucket/AC-GC-IA-SB-M-0234.json rename to pkg/policies/opa/rego/gcp/google_storage_bucket/accurics.gcp.IAM.122.json index beea6a2d9..d20464950 100755 --- a/pkg/policies/opa/rego/gcp/google_storage_bucket/AC-GC-IA-SB-M-0234.json +++ b/pkg/policies/opa/rego/gcp/google_storage_bucket/accurics.gcp.IAM.122.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "MEDIUM", "description": "Ensure that Cloud Storage buckets have uniform bucket-level access enabled.", - "reference_id": "AC-GC-IA-SB-M-0234", - "category": "Identity and Access Management", + "reference_id": "accurics.gcp.IAM.122", + "category": "Identity \u0026 Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_storage_bucket/AC-GC-LM-SB-H-0232.json b/pkg/policies/opa/rego/gcp/google_storage_bucket/accurics.gcp.LOG.146.json similarity index 73% rename from pkg/policies/opa/rego/gcp/google_storage_bucket/AC-GC-LM-SB-H-0232.json rename to pkg/policies/opa/rego/gcp/google_storage_bucket/accurics.gcp.LOG.146.json index 85e65283a..a77d9686d 100755 --- a/pkg/policies/opa/rego/gcp/google_storage_bucket/AC-GC-LM-SB-H-0232.json +++ b/pkg/policies/opa/rego/gcp/google_storage_bucket/accurics.gcp.LOG.146.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "HIGH", "description": "Ensure that object versioning is enabled on log-buckets.", - "reference_id": "AC-GC-LM-SB-H-0232", - "category": "Logging and Monitoring", + "reference_id": "accurics.gcp.LOG.146", + "category": "Logging", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_storage_bucket/AC-GC-LM-SB-H-0233.json b/pkg/policies/opa/rego/gcp/google_storage_bucket/accurics.gcp.LOG.147.json similarity index 73% rename from pkg/policies/opa/rego/gcp/google_storage_bucket/AC-GC-LM-SB-H-0233.json rename to pkg/policies/opa/rego/gcp/google_storage_bucket/accurics.gcp.LOG.147.json index bb67765fb..948f146cc 100755 --- a/pkg/policies/opa/rego/gcp/google_storage_bucket/AC-GC-LM-SB-H-0233.json +++ b/pkg/policies/opa/rego/gcp/google_storage_bucket/accurics.gcp.LOG.147.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "HIGH", "description": "Ensure that logging is enabled for Cloud storage buckets.", - "reference_id": "AC-GC-LM-SB-H-0233", - "category": "Logging and Monitoring", + "reference_id": "accurics.gcp.LOG.147", + "category": "Logging", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_storage_bucket_iam_binding/AC-GC-IA-SI-M-0237.json b/pkg/policies/opa/rego/gcp/google_storage_bucket_iam_binding/accurics.gcp.IAM.121.json similarity index 72% rename from pkg/policies/opa/rego/gcp/google_storage_bucket_iam_binding/AC-GC-IA-SI-M-0237.json rename to pkg/policies/opa/rego/gcp/google_storage_bucket_iam_binding/accurics.gcp.IAM.121.json index 843dc6c40..b7ea5d6fb 100755 --- a/pkg/policies/opa/rego/gcp/google_storage_bucket_iam_binding/AC-GC-IA-SI-M-0237.json +++ b/pkg/policies/opa/rego/gcp/google_storage_bucket_iam_binding/accurics.gcp.IAM.121.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "MEDIUM", "description": "Ensure that Cloud Storage bucket is not anonymously or publicly accessible.", - "reference_id": "AC-GC-IA-SI-M-0237", - "category": "Identity and Access Management", + "reference_id": "accurics.gcp.IAM.121", + "category": "Identity \u0026 Access Management", "version": 1 } \ No newline at end of file diff --git a/pkg/policies/opa/rego/gcp/google_storage_bucket_iam_member/AC-GC-IA-SM-H-0238.json b/pkg/policies/opa/rego/gcp/google_storage_bucket_iam_member/accurics.gcp.IAM.120.json similarity index 71% rename from pkg/policies/opa/rego/gcp/google_storage_bucket_iam_member/AC-GC-IA-SM-H-0238.json rename to pkg/policies/opa/rego/gcp/google_storage_bucket_iam_member/accurics.gcp.IAM.120.json index cecf9f3cc..7a9a6000f 100755 --- a/pkg/policies/opa/rego/gcp/google_storage_bucket_iam_member/AC-GC-IA-SM-H-0238.json +++ b/pkg/policies/opa/rego/gcp/google_storage_bucket_iam_member/accurics.gcp.IAM.120.json @@ -4,7 +4,7 @@ "template_args": null, "severity": "HIGH", "description": "Ensure that Cloud Storage bucket is not anonymously or publicly Accessible.", - "reference_id": "AC-GC-IA-SM-H-0238", - "category": "Identity and Access Management", + "reference_id": "accurics.gcp.IAM.120", + "category": "Identity \u0026 Access Management", "version": 1 } \ No newline at end of file