SECURITY RISK: Google Compute Regional Security Policy doesn't implement default deny

[cyber-francis]

Description

GOOGLE COMPUTE REGIONAL SECURITY POLICY POLICY doesn't implement default deny, instead it implements default allow which is a security risk

References

N/A

Help Wanted

• [ ] I'm interested in contributing a fix myself

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

[ansgarm]

Hi @cyber-francis 👋

The bindings for CDKTF are generated based on the underlying Terraform providers. In this case, you'd need to raise this with the underlying google Terraform provider here.

I'm going to close this issue, as there's nothing the CDKTF can do about this.

[github-actions[bot]]

I'm going to lock this issue because it has been closed for 30 days. This helps our maintainers find and focus on the active issues. If you've found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.