Default network should not be created at project level
| Property | |
|---|---|
| Language | |
| Severity | |
| Service | iam |
| Provider | |
| Vulnerability Type | omission |
Description
Enabling automatic creation of the default network in a Google Cloud project results in the setup of insecure firewall rules that allow broad ingress access. This configuration exposes internal resources to unnecessary network risk.
Impact
If exploited, attackers could gain unauthorized access to internal services or infrastructure exposed by permissive firewall rules, potentially leading to data breaches, lateral movement, or service disruptions within the project.
Resolution
Disable automatic default network creation
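
One way to check for this before apply, as an added example that is not part of the original rule page. It assumes the project is defined with the Terraform Google provider's `google_project` resource, whose `auto_create_network` attribute defaults to true, and it scans the `planned_values` section of a plan exported with `terraform show -json`; the plan data and resource names are constructed.

```python
# Constructed sample mirroring the `planned_values` part of `terraform show -json`.
SAMPLE_PLAN = {"planned_values": {"root_module": {
    "resources": [
        {"address": "google_project.legacy", "type": "google_project",
         "values": {"project_id": "example-legacy", "auto_create_network": True}},
        {"address": "google_project.implicit", "type": "google_project",
         "values": {"project_id": "example-implicit"}},
        {"address": "google_storage_bucket.logs", "type": "google_storage_bucket",
         "values": {"name": "example-logs"}},
    ],
    "child_modules": [{
        "address": "module.team_a",
        "resources": [
            {"address": "module.team_a.google_project.app", "type": "google_project",
             "values": {"project_id": "example-app", "auto_create_network": False}},
        ],
    }],
}}}


def iter_resources(module):
    """Yield every resource in a plan module, descending into child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def find_default_network_projects(plan):
    """Return (address, reason) for each google_project that keeps the default network."""
    root = plan.get("planned_values", {}).get("root_module", {})
    findings = []
    for res in iter_resources(root):
        if res.get("type") != "google_project":
            continue
        setting = (res.get("values") or {}).get("auto_create_network")
        if setting is False:
            continue  # default network creation is disabled
        # The provider default is true, so an omitted or null attribute is a finding too.
        reason = "explicitly enabled" if setting is True else "not set, defaults to true"
        findings.append((res["address"], reason))
    return findings


if __name__ == "__main__":
    for address, reason in find_default_network_projects(SAMPLE_PLAN):
        print(f"{address}: auto_create_network {reason}")
```

Only an explicit `auto_create_network = false` passes, which matches the rule's "omission" classification: leaving the attribute out is itself the finding.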