Skip to main content

CIS GCP 1.2.0 to 1.3.0

The following sections list the differences between the CIS GCP 1.2.0 and CIS GCP 1.3.0 benchmark policies.

CIS GCP 1.2.0 to 1.3.0 Mapping

The table below lists the mapping of policies between CIS GCP 1.2.0 and 1.3.0, including assessment type and severity differences:

tip

Click anywhere on the table and use the arrow keys on your keyboard to scroll left or right.

CIS 1.2.0 Policy IDCIS 1.2.0 Assessment TypeLacework 1.2.0 Assessment Type1.2.0 SeverityCIS 1.3.0 Policy IDCIS 1.3.0 Control IDCIS 1.3.0 Assessment TypeLacework 1.3.0 Assessment Type1.3.0 Severity
GCP_CIS12_1_1AutomatedManualMediumlacework-global-2321.1ManualManualHigh
GCP_CIS12_1_2ManualManualMediumlacework-global-2331.2ManualManualHigh
GCP_CIS12_1_3ManualManualMediumlacework-global-2931.3ManualManualMedium
GCP_CIS12_1_4AutomatedAutomatedMediumlacework-global-2341.4AutomatedAutomatedMedium
GCP_CIS12_1_5AutomatedAutomatedMediumlacework-global-2351.5AutomatedAutomatedMedium
GCP_CIS12_1_6AutomatedAutomatedMediumlacework-global-2361.6AutomatedManualMedium
GCP_CIS12_1_7AutomatedAutomatedMediumlacework-global-2371.7AutomatedAutomatedMedium
GCP_CIS12_1_8ManualAutomatedMediumlacework-global-2941.8AutomatedManualHigh
GCP_CIS12_1_9AutomatedAutomatedCriticallacework-global-2381.9AutomatedAutomatedCritical
GCP_CIS12_1_10AutomatedAutomatedMediumlacework-global-2391.1AutomatedAutomatedMedium
GCP_CIS12_1_11AutomatedAutomatedMediumlacework-global-2951.11AutomatedManualHigh
GCP_CIS12_1_12ManualManualMediumlacework-global-2961.12ManualAutomatedMedium
GCP_CIS12_1_13ManualManualLowlacework-global-2401.13ManualAutomatedMedium
GCP_CIS12_1_14ManualManualLowlacework-global-2411.14ManualAutomatedMedium
GCP_CIS12_1_15ManualManualMediumlacework-global-2421.15ManualAutomatedMedium
GCP_CIS12_2_1AutomatedAutomatedMediumlacework-global-245, lacework-global-487, lacework-global-4882.1AutomatedAutomatedLow
GCP_CIS12_2_2AutomatedAutomatedMediumlacework-global-246, lacework-global-4892.2AutomatedAutomatedLow
GCP_CIS12_2_3AutomatedManualMediumlacework-global-2982.3AutomatedAutomatedLow
GCP_CIS12_2_4AutomatedAutomatedMediumlacework-global-2472.4AutomatedAutomatedLow
GCP_CIS12_2_5AutomatedAutomatedLowlacework-global-2482.5AutomatedAutomatedLow
GCP_CIS12_2_6AutomatedAutomatedLowlacework-global-2492.6AutomatedAutomatedLow
GCP_CIS12_2_7AutomatedAutomatedLowlacework-global-2502.7AutomatedAutomatedLow
GCP_CIS12_2_8AutomatedAutomatedLowlacework-global-2512.8AutomatedAutomatedLow
GCP_CIS12_2_9AutomatedAutomatedLowlacework-global-2522.9AutomatedAutomatedLow
GCP_CIS12_2_10AutomatedAutomatedLowlacework-global-2532.1AutomatedAutomatedLow
GCP_CIS12_2_11AutomatedAutomatedLowlacework-global-2542.11AutomatedAutomatedLow
GCP_CIS12_2_12AutomatedAutomatedLowlacework-global-2552.12AutomatedAutomatedMedium
GCP_CIS12_3_1AutomatedAutomatedLowlacework-global-3003.1AutomatedAutomatedMedium
GCP_CIS12_3_2AutomatedAutomatedInfolacework-global-2583.2AutomatedAutomatedMedium
GCP_CIS12_3_3AutomatedAutomatedMediumlacework-global-2593.3AutomatedAutomatedMedium
GCP_CIS12_3_4ManualAutomatedLowlacework-global-2603.4ManualAutomatedLow
GCP_CIS12_3_5ManualAutomatedLowlacework-global-2613.5ManualAutomatedLow
GCP_CIS12_3_6AutomatedAutomatedHighlacework-global-3013.6AutomatedAutomatedMedium
GCP_CIS12_3_7AutomatedAutomatedHighlacework-global-3023.7AutomatedAutomatedCritical
GCP_CIS12_3_8AutomatedAutomatedLowlacework-global-2623.8AutomatedAutomatedLow
GCP_CIS12_3_9ManualAutomatedMediumlacework-global-263, lacework-global-4903.9ManualAutomatedMedium
GCP_CIS12_3_10ManualManualMediumlacework-global-3033.1ManualManualMedium
GCP_CIS12_4_1AutomatedAutomatedMediumlacework-global-2644.1AutomatedAutomatedMedium
GCP_CIS12_4_2AutomatedAutomatedMediumlacework-global-2654.2AutomatedAutomatedMedium
GCP_CIS12_4_3AutomatedAutomatedMediumlacework-global-2664.3AutomatedAutomatedMedium
GCP_CIS12_4_4AutomatedAutomatedLowlacework-global-267, lacework-global-4984.4AutomatedAutomatedMedium
GCP_CIS12_4_5AutomatedAutomatedMediumlacework-global-2684.5AutomatedAutomatedMedium
GCP_CIS12_4_6AutomatedAutomatedLowlacework-global-2694.6AutomatedAutomatedMedium
GCP_CIS12_4_7AutomatedAutomatedMediumlacework-global-3044.7AutomatedAutomatedCritical
GCP_CIS12_4_8AutomatedAutomatedHighlacework-global-3054.8AutomatedAutomatedMedium
GCP_CIS12_4_9AutomatedAutomatedLowlacework-global-3064.9AutomatedAutomatedHigh
GCP_CIS12_4_10ManualManualMediumlacework-global-3074.1ManualManualMedium
GCP_CIS12_4_11AutomatedAutomatedMediumlacework-global-3084.11AutomatedAutomatedMedium
GCP_CIS12_5_1AutomatedAutomatedHighlacework-global-2705.1AutomatedAutomatedCritical
GCP_CIS12_5_2AutomatedAutomatedLowlacework-global-3105.2AutomatedAutomatedMedium
GCP_CIS12_6_1_1AutomatedManualMediumlacework-global-2746.1.1ManualManualHigh
GCP_CIS12_6_1_2AutomatedAutomatedInfolacework-global-2756.1.2AutomatedAutomatedMedium
GCP_CIS12_6_1_3AutomatedAutomatedInfolacework-global-2766.1.3AutomatedAutomatedMedium
GCP_CIS12_6_2_1AutomatedAutomatedInfoN/AN/AN/AN/AN/A
GCP_CIS12_6_2_2ManualManualInfolacework-global-3126.2.1ManualAutomatedMedium
GCP_CIS12_6_2_3AutomatedAutomatedInfolacework-global-2776.2.2AutomatedAutomatedMedium
GCP_CIS12_6_2_4AutomatedAutomatedInfolacework-global-2786.2.3AutomatedAutomatedMedium
GCP_CIS12_6_2_5ManualAutomatedInfoN/AN/AN/AN/AN/A
GCP_CIS12_6_2_6AutomatedAutomatedInfoN/AN/AN/AN/AN/A
GCP_CIS12_6_2_7ManualManualInfolacework-global-2796.2.4ManualAutomatedLow
GCP_CIS12_6_2_8AutomatedAutomatedInfolacework-global-2806.2.5AutomatedAutomatedLow
GCP_CIS12_6_2_9AutomatedAutomatedInfoN/AN/AN/AN/AN/A
GCP_CIS12_6_2_10AutomatedAutomatedInfoN/AN/AN/AN/AN/A
GCP_CIS12_6_2_11AutomatedAutomatedInfoN/AN/AN/AN/AN/A
GCP_CIS12_6_2_12AutomatedAutomatedInfoN/AN/AN/AN/AN/A
GCP_CIS12_6_2_13ManualManualInfolacework-global-2816.2.6ManualAutomatedLow
GCP_CIS12_6_2_14AutomatedAutomatedInfolacework-global-2826.2.7AutomatedAutomatedMedium
GCP_CIS12_6_2_15AutomatedAutomatedInfoN/AN/AN/AN/AN/A
GCP_CIS12_6_2_16AutomatedAutomatedInfolacework-global-2836.2.8AutomatedAutomatedMedium
GCP_CIS12_6_3_1AutomatedAutomatedInfolacework-global-2856.3.1AutomatedAutomatedMedium
GCP_CIS12_6_3_2AutomatedAutomatedInfolacework-global-2866.3.2AutomatedAutomatedMedium
GCP_CIS12_6_3_3AutomatedAutomatedInfolacework-global-2876.3.3AutomatedAutomatedLow
GCP_CIS12_6_3_4AutomatedAutomatedInfolacework-global-2886.3.4AutomatedAutomatedMedium
GCP_CIS12_6_3_5AutomatedAutomatedMediumlacework-global-2896.3.5AutomatedAutomatedMedium
GCP_CIS12_6_3_6AutomatedAutomatedInfolacework-global-2906.3.6AutomatedAutomatedMedium
GCP_CIS12_6_3_7AutomatedAutomatedLowlacework-global-2916.3.7AutomatedAutomatedMedium
GCP_CIS12_6_4AutomatedAutomatedHighlacework-global-2716.4AutomatedAutomatedHigh
GCP_CIS12_6_5AutomatedAutomatedMediumlacework-global-2726.5AutomatedAutomatedCritical
GCP_CIS12_6_6AutomatedAutomatedMediumlacework-global-3116.6AutomatedAutomatedHigh
GCP_CIS12_6_7AutomatedAutomatedInfolacework-global-2736.7AutomatedAutomatedMedium
GCP_CIS12_7_1AutomatedAutomatedInfolacework-global-2927.1ManualAutomatedCritical
GCP_CIS12_7_2AutomatedAutomatedLowlacework-global-3137.2AutomatedAutomatedMedium
GCP_CIS12_7_3AutomatedAutomatedLowlacework-global-3147.3ManualAutomatedMedium

Additional Notes

Anything marked with "N/A" was either not included in the CIS 1.3.0 benchmark or merged with another control ID.

New Policies in CIS GCP 1.3.0

All the new v1.3.0 policies (that were not in v1.2.0) are listed in the table below:

CIS Control ID and TitleLacework Policy IDCIS Assessment TypeLacework Assessment TypeSeverity
1.16 Ensure Essential Contacts is Configured for Organizationlacework-global-243AutomatedManualMedium
1.17 Ensure that Dataproc Cluster is encrypted using Customer-Managed Encryption Keylacework-global-297AutomatedAutomatedMedium
1.18 Ensure Secrets are Not Stored in Cloud Functions Environment Variables by Using Secret Managerlacework-global-244ManualManualMedium
2.13 Ensure Cloud Asset Inventory Is Enabledlacework-global-256AutomatedAutomatedMedium
2.14 Ensure 'Access Transparency' is 'Enabled'lacework-global-257ManualManualMedium
2.15 Ensure 'Access Approval' is 'Enabled'lacework-global-299AutomatedManualMedium
4.12 Ensure the Latest Operating System Updates Are Installed On Your Virtual Machines in All Projectslacework-global-309ManualManualMedium
6.2.9 Ensure That 'cloudsql.enable_pgaudit' Database Flag for each Cloud Sql Postgresql Instance Is Set to 'on' For Centralized Logginglacework-global-284AutomatedAutomatedMedium