> ## Documentation Index
> Fetch the complete documentation index at: https://cloudanix.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# IAM Audit

## Checks performed

* [Users Should Use Work Email For Access](gcpiamcompliance/rules/corporate_emails_only)
* [KMS Admin Roles Should Not Have CryptoKey Role](gcpiamcompliance/rules/kms_user_separation)
* [User Managed Service Account Should Not Have Admin Priviledges](gcpiamcompliance/rules/user_managed_service_no_admin)
* [Service Account Keys Should Be Rotated](gcpiamcompliance/rules/service_account_key_rotation)
* [Keys Should Be Managed By Google](gcpiamcompliance/rules/service_account_managed_keys)
* [Service Accounts Admin And User Permissions Should Not Be Assigned At The Same Time](gcpiamcompliance/rules/service_account_separation)
* [Service Account User Should Not Have Service Account Token Creator Role](gcpiamcompliance/rules/service_account_user)
* [KMS Cryptokeys Should Not Be Public](gcpiamcompliance/rules/cloud_kms_cryptokeys_not_publicly_accessible)
* [KMS Encryption Keys Should Be Rotated](gcpiamcompliance/rules/kms_encryption_keys_rotated)
* [Cryptographic Keys Should Be Rotated](gcpiamcompliance/rules/crypto_key_rotation)
* [Ensure API Keys Are Not Created For A Project](gcpiamcompliance/rules/api_keys_not_used)
* [Ensure API Keys Are Restricted To Specific Hosts And Apps](gcpiamcompliance/rules/api_keys_restricted_to_specific_hosts_and_apps)
* [Ensure API Keys Are Restricted To Necessary APIs](gcpiamcompliance/rules/api_keys_restricted_to_necessary_apis)
* [Ensure API Keys Are Rotated Periodically](gcpiamcompliance/rules/api_keys_rotated)
* [Ensure Essential Contacts Configured For Organization](gcpiamcompliance/rules/contacts_configured_for_organization)
* [Ensure Dataproc Clusters Encrypted Using CMEK](gcpiamcompliance/rules/dataproc_cluster_encrypted_using_cmek)
* [Define Allowed External IPs for VM Instances](gcpiamcompliance/rules/allowed_external_ips_for_vm_org_policy)
* [Disable Automatic IAM Role Grants for Default Service Accounts](gcpiamcompliance/rules/disable_automatic_iam_role_grants_for_default_service_accounts)
* [Disable Guest Attributes of Compute Engine Metadata](gcpiamcompliance/rules/disable_guest_attributes_compute_metadata)
* [Disable Serial Port Access Support at Organization Level](gcpiamcompliance/rules/disable_serial_port_access_support)
* [Disable Service Account Key Upload](gcpiamcompliance/rules/disable_service_account_key_upload)
* [Disable User-Managed Key Creation for Service Accounts](gcpiamcompliance/rules/disable_user_managed_key_creation_service_account)
* [Disable Workload Identity at Cluster Creation](gcpiamcompliance/rules/disable_workload_identity_at_cluster_creation)
* [Enforce Detailed Audit Logging Mode](gcpiamcompliance/rules/enforce_detailed_audit_logging)
* [Enforce Uniform Bucket-Level Access at Organization Level](gcpiamcompliance/rules/enforce_uniform_bucket_level_access_at_org_level)
* [Prevent Service Account Creation for Google Cloud Organizations](gcpiamcompliance/rules/prevent_service_account_creation_at_org_level)
* [Require OS Login](gcpiamcompliance/rules/require_os_login_vms)
* [Restrict Allowed Google Cloud APIs and Services](gcpiamcompliance/rules/restrict_allowed_apis_services)
* [Restrict Authorized Networks on Cloud SQL instances](gcpiamcompliance/rules/restrict_authorized_networks_sql_instances)
* [Restrict Default Google-Managed Encryption for Cloud SQL Instances](gcpiamcompliance/rules/disable_default_encryption_sql_instances)
* [Restrict Load Balancer Creation Based on Load Balancer Types](gcpiamcompliance/rules/compliant_load_balancer_creation)
* [Restrict Public IP Access for Cloud SQL Instances at Organization Level](gcpiamcompliance/rules/restrict_public_ip_access_sql_instances)
* [Restrict Shared VPC Subnetworks](gcpiamcompliance/rules/restrict_shared_vpc_subnetworks)
* [Restrict VPC Peering Usage](gcpiamcompliance/rules/restrict_vpc_peering_usage)
* [Restrict VPN Peer IPs](gcpiamcompliance/rules/restrict_vpn_peer_ips)
* [Restrict Virtual Machine IP Forwarding](gcpiamcompliance/rules/restrict_vm_ip_forwarding)
* [Restrict the Creation of Cloud Resources to Specific Locations](gcpiamcompliance/rules/restrict_cloud_creation_specific_locations)
* [Restricting the Use of Images](gcpiamcompliance/rules/compute_trusted_images_allowed)
* [Skip Default VPC Network Creation](gcpiamcompliance/rules/skip_default_vpc_network_creation)
