Aqua CSPM

Private Access Enabled

Quick Info

Plugin TitlePrivate Access Enabled
CloudGOOGLE
CategoryVPC Network
DescriptionEnsures Private Google Access is enabled for all Subnets
More InfoPrivate Google Access allows VM instances on a subnet to reach Google APIs and services without an IP address. This creates a more secure network for the internal communication.
GOOGLE Linkhttps://cloud.google.com/vpc/docs/configure-private-google-access
Recommended Action1. Enter the VPC Network service. 2. Enter the VPC. 3. Select the subnet in question. 4. Edit the subnet and enable Private Google Access.

Detailed Remediation Steps

  1. Log into the Google Cloud Platform Console.
  2. Scroll down the left navigation panel and choose the “Networking” to select the “VPC networks” option under the “VPC network."
  3. On the VPC network page, select the VPC which needs to be verified.
  4. On the “Subnet details” page, scroll down and check the “Private Google access” option. If it’s set to “Off” then the selected VPC don’t have “Google Access” enabled for all the subnets.
  5. Repeat steps number 2 - 4 to verifiy other VPC’s in the account.
  6. Navigate to “VPC network” and choose the “VPC networks” option under the “Networking” and select the “VPC network” which needs to enabled “Google Access” for all the subents.
  7. On the “Subnet details” page, click on the “Edit” button at the top.
  8. On the “Subnet details Edit” page, scroll down the page and click on the “ON” option below the “Private Google access."
  9. Click on the “Save” button at the bottom of the page to make the changes.
  10. Repeat steps number 6 - 9 to ensures “Private Google Access” is enabled for all Subnets.