GCP

Network Exposure

GCP firewall rules allowing inbound from the internet — what's open and to which targets.

Tier Explorer

Category Security & Identity

Refresh every 30 min

Scope project-wide

Live preview — demo data

Same idea on another cloud

Azure Network Exposure

What this pane shows

Cross-VPC firewall rules permitting ingress from 0.0.0.0/0 to a target tag or service account. Critical exposures (SSH, RDP, database ports) are surfaced first; expected exposures (HTTP/HTTPS) are grouped separately.

Key use cases

Catch a firewall rule that opened SSH to the world.
Confirm intentional public-facing rules are correctly scoped.
Audit external attack surface during a security review.
Find rules with the most-permissive sources for tightening.

How to embed

Drop this snippet on any HTML page that loads lp-embed.js. The pane mounts itself wherever the matching <div> is in the DOM.

<div class="lp-gcp-network-exposure-panel"
     data-lp-account="<your-account-alias>"></div>
<script src="https://lightpane.io/embed/lp-embed.js"
        data-lp-key="<your-access-key>"></script>
<script src="https://lightpane.io/_pane-tests/gcp/network-exposure/network-exposure.js"
        defer></script>

Tier

Available on Explorer and above.

Build notes

No outstanding build notes.