Denis Loginov
Denis Loginov
Had to disable output audio stream to fix crash on some servers when allowed to leave audio on: 7d922f4
Would it be possible to reset the zip file timestamp? Otherwise, we obtain a different md5 on it on every run, even though the contents (incl. the timestamps of the...
OK, makes sense. So in that case, we can treat this as a standardized message, so we can parse it I guess..
The problem is, a lot of code messages don't follow this format or are not uniform across various controls though, for example: ``` ServiceAccount Keys for @.iam.gserviceaccount.com older than 7776000...
@binamov this is because we'd like to build additional automation around it, as explained :) I.e. we'd like to have a programmatic way to the findings that are machine-readable, as...
I think 4.8 title is mislabeled (the title is from 4.7, while the control itself is 4.8 indeed): https://github.com/GoogleCloudPlatform/inspec-gcp-cis-benchmark/blob/9bde76a0fa8204863ec3364b82af7ca3cde795ff/controls/4.08-vms.rb#L29
OK thanks! I'll keep this open for now, maybe will add a PR at some point.
@aaronlippold yes, there's `disabled` field on the `ServiceAccountKey` object, I believe: https://cloud.google.com/iam/docs/reference/rest/v1/projects.serviceAccounts.keys#ServiceAccountKey
Any updates on this?
It would be nice to be able to ignore by `os`/`library` in `.rego` as well.