Getting StartedGetting started Custom Checks Config
Github ActionsCode Scanning Alerts PR Commenter
Legacy metadata endpoints enabled.
The Compute Engine instance metadata server exposes legacy v0.1 and v1beta1 endpoints, which do not enforce metadata query headers.
This is a feature in the v1 APIs that makes it more difficult for a potential attacker to retrieve instance metadata.
Unless specifically required, we recommend you disable these legacy APIs.
When setting the
metadata block, the default value for
disable-legacy-endpoints is set to true, they should not be explicitly enabled.
The following example will fail the GCP007 check.
The following example will pass the GCP007 check.