Detections
Analytics

Ensure the number of instances running simultaneously are limited for Google App Engine Standard App Version

LOW

Description

Google App Engine Standard App has the ability to set the basic scaling configuration with a required setting for a maximum number of instances. Setting this field appropriately will help ensure that an application is able to scale as needed without going beyond a certain number of instances, thus managing the overall cost of the application. For more information on scaling within App Engine Standard App, see the GCP documentation.
References:
https://cloud.google.com/appengine/docs/standard/how-instances-are-managed

Remediation

The scaling type can be configured via an app's app.yaml file. By default, the app uses automatic scaling, however this can be changed, then applied in a GKE workload.

In Terraform -

  1. In the resource google_app_engine_standard_app_version, ensure that basic_scaling.max_instances is set to a specified value.

References:
https://cloud.google.com/appengine/docs/legacy/standard/python/how-instances-are-managed#scaling_types
https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/app_engine_standard_app_version#nested_basic_scaling

Policy Details

Rule Reference ID: AC_GCP_0294
CSP: GCP
Remediation Available: Yes
Domain: Security Best Practices
Resource: google_app_engine_standard_app_version
Resource Category: Serverless
Resource Type: App Engine

Frameworks