More Info:

Ensure that only images from trusted Google Cloud Platform (GCP) projects are allowed as the source for boot disks for new virtual machine instances. To enforce this constraint, enable and configure the “Define Trusted Image Projects” policy at the GCP organization level.

Risk Level

Medium

Address

Operational Maturity, Reliability, Security

Compliance Standards

CBP

Triage and Remediation

Remediation

Using Console