More Info:

Ensure that “Define Allowed External IPs for VM Instances” constraint policy is enforced at the GCP organization level in order to enable you to define the set of virtual machine (VM) instances that are allowed to use external IP addresses. This constraint helps you to minimize your instance’s exposure to the Internet.

Risk Level

Medium

Address

Security, Operational Maturity

Compliance Standards

CBP

Triage and Remediation

Remediation

Using Console