GoogleCloudPlatform/policy-library
policy-library/samples/
legacy
allowed_resource_types.yaml
always_violates.yaml
appengine_location.yaml
appengine_versions.yaml
bigquery_cmek.yaml
bigquery_table_retention.yaml
bigquery_world_readable.yaml
bq_dataset_location.yaml
cmek_rotation.yaml
cmek_rotation_100_days.yaml
cmek_settings.yaml
compute_allowed_networks.yaml
compute_block_ssh_keys.yaml
compute_disk_resource_policies.yaml
compute_enable_oslogin_project.yaml
compute_forbid_ip_forward.yaml
compute_zone.yaml
dataproc_location.yaml
dnssec.yaml
dnssec_prevent_rsasha1_ksk.yaml
dnssec_prevent_rsasha1_zsk.yaml
enforce_label.yaml
gcp_enforce_naming.yaml
gcp_glb_external_ip.yaml
gcp_iam_restrict_service_account_creation.yaml
gcp_iam_restrict_service_account_key_age.yaml
gcp_iam_restrict_service_account_key_age_100_days.yaml
gcp_iam_restrict_service_account_key_type.yaml
gcp_lb_forwarding.yaml
gke_allow_only_private_cluster.yaml
gke_allowed_node_sa_scope.yaml
gke_cluster_location.yaml
gke_cluster_version.yaml
gke_container_optimized_os.yaml
gke_dashboard_disable.yaml
gke_disable_default_service_account.yaml
gke_disable_legacy_endpoints.yaml
gke_enable_alias_ip_ranges.yaml
gke_enable_binauthz.yaml
gke_enable_logging.yaml
gke_enable_private_endpoint.yaml
gke_enable_shielded_nodes.yaml
gke_enable_stackdriver_kubernetes_engine_monitoring.yaml
gke_enable_stackdriver_logging.yaml
gke_enable_stackdriver_monitoring.yaml
gke_enable_workload_identity.yaml
gke_legacy_abac.yaml
gke_master_authorized_networks_enabled.yaml
gke_node_pool_auto_repair.yaml
gke_node_pool_auto_upgrade.yaml
gke_restrict_client_auth_methods.yaml
gke_restrict_pod_traffic.yaml
iam_allowed_roles.yaml
iam_audit_log.yaml
iam_audit_log_all.yaml
iam_banned_roles.yaml
iam_block_service_account_creator_role.yaml
iam_custom_role_permissions.yaml
iam_deny_public.yaml
iam_deny_role.yaml
iam_required_roles.yaml
iam_restrict_domain.yaml
iam_restrict_gmail.yaml
iam_restrict_gmail_bigquery_dataset.yaml
iam_restrict_googlegroups_bigquery_dataset.yaml
iam_restrict_role.yaml
iam_service_accounts_only.yaml
network_enable_firewall_logs.yaml
network_enable_flow_logs.yaml
network_enable_private_google_access.yaml
network_restrict_default.yaml
network_routing.yaml
restrict_fw_rules_generic.yaml
restrict_fw_rules_rdp_world_open.yaml
restrict_fw_rules_ssh_world_open.yaml
restrict_fw_rules_world_open.yaml
restrict_fw_rules_world_open_tcp_udp_all_ports.yaml
serviceusage_allow_basic_apis.yaml
serviceusage_deny_apis.yaml
spanner_location.yaml
sql_allowed_authorized_networks.yaml
sql_backup.yaml
sql_backup_with_exemptions.yaml
sql_deny_sqlserver_type.yaml
sql_location.yaml
sql_maintenance_window.yaml
sql_public_ip.yaml
sql_ssl.yaml
sql_world_readable.yaml
storage_bucket_policy_only.yaml
storage_bucket_retention.yaml
storage_cmek_encryption.yaml
storage_denylist_public.yaml
storage_location.yaml
storage_logging.yaml
vm_external_ip.yaml
vpc_sc_allowlist_regions.yaml
vpc_sc_ensure_access_levels.yaml
vpc_sc_ensure_project.yaml