OSLogin Is Disabled In VM Instance

  • Query id: e66e1b71-c810-4b4e-a737-0ab59e7f5e41
  • Query name: OSLogin Is Disabled In VM Instance
  • Platform: GoogleDeploymentManager
  • Severity: Medium
  • Category: Insecure Configurations
  • URL: Github

Description

VM instance should have OSLogin enabled
Documentation

Code samples

Code samples with security vulnerabilities

Postitive test num. 1 - yaml file
resources:
  - name: vm
    type: compute.v1.instance
    properties:
      description: my-vm
      metadata:
        fingerprint: fingerprint
        items:
          - key: enable-oslogin
            value: false
          - key: my-key-2
            value: false

Code samples without security vulnerabilities

Negative test num. 1 - yaml file
resources:
  - name: vm
    type: compute.v1.instance
    properties:
      description: my-vm
      metadata:
        fingerprint: fingerprint
        items:
          - key: my-key-2
            value: false
Negative test num. 2 - yaml file
resources:
  - name: vm
    type: compute.v1.instance
    properties:
      description: my-vm
      metadata:
        fingerprint: fingerprint
        items:
          - key: enable-oslogin
            value: true
          - key: my-key-2
            value: false