Cloud DNS Without DNSSEC
- Query id: 313d6deb-3b67-4948-b41d-35b699c2492e
- Query name: Cloud DNS Without DNSSEC
- Platform: GoogleDeploymentManager
- Severity: Medium
- Category: Insecure Configurations
- URL: Github
Description¶
DNSSEC must be enabled for Cloud DNS
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - yaml file
resources:
- name: dns
type: dns.v1.managedZone
properties:
name: my-zone
Positive test num. 2 - yaml file
resources:
- name: dns2
type: dns.v1.managedZone
properties:
name: my-zone2
dnssecConfig:
kind: "dns#managedZoneDnsSecConfig"
Positive test num. 3 - yaml file
resources:
- name: dns3
type: dns.v1.managedZone
properties:
name: my-zone3
dnssecConfig:
state: "off"