Logging is pretty critical for any incident response, and the new guidance reflects this. These two new recommendations are common-sense changes. Our take on the new recommendations in v2.0 Seven recommendations were elevated to Level 2, reflecting the complexity or expense in adhering to the recommendations. Ten recommendations were changed from Manual to Automated assessment as the GCP APIs matured. One recommendation conflicted with the PostgreSQL benchmark and was deleted. Oddly, for being a major version, very few changes have been made between v1.3 and v2.0.
At the end of last year, the Center for Internet Security released version 2.0.0 of their Foundation Benchmark for Google Cloud Platform (GCP).