Built-in scenarios (AWS/GCP/Azure)

Run the curated fixture catalog in one click.

These demos are pulled from the same checked-in fixture plans used to exercise the analyzer in the repo. They make the project scope legible without asking someone to prepare Terraform first.

Quiet reference architecture

gcp/sample_gcp_safe_plan.json

Safe GCP Plan

Private-by-default GCP reference with hardened storage, private Cloud SQL, scoped identity, Secret Manager, and Cloud KMS.

Findings
0
Boundaries
1
Resources
9
0 high 0 medium 0 low
Run built-in report

Calibrated baseline

gcp/sample_gcp_baseline_plan.json

Baseline GCP Plan

Mostly segmented GCP infrastructure with custom-role IAM risk and a focused Cloud SQL recovery finding.

Findings
5
Boundaries
1
Resources
9
2 high 3 medium 0 low
Run built-in report

Common architecture

gcp/sample_gcp_lb_compute_sql_plan.json

GCP Load Balancer and SQL

External load-balancing edge, private compute, NAT egress posture, and private Cloud SQL in a common GCP web shape.

Findings
2
Boundaries
2
Resources
11
0 high 2 medium 0 low
Run built-in report

Serverless workload

gcp/sample_gcp_serverless_plan.json

GCP Serverless

Cloud Run and Cloud Functions public invoker paths with service-account access into Secret Manager.

Findings
5
Boundaries
4
Resources
11
2 high 3 medium 0 low
Run built-in report

Trust expansion

gcp/sample_gcp_cross_project_iam_plan.json

GCP Cross-Project IAM

Focused IAM blast-radius fixture for project-level grants, Secret Manager access, and Cloud KMS decryption trust.

Findings
6
Boundaries
0
Resources
8
3 high 3 medium 0 low
Run built-in report

Provider expansion

gcp/sample_gcp_plan.json

Mixed GCP Inventory

Mixed Google provider inventory covering compute, network, IAM, Pub/Sub, BigQuery, Cloud SQL, Secret Manager, Cloud KMS, and GCS.

Findings
26
Boundaries
4
Resources
23
6 high 20 medium 0 low
Run built-in report

Stress-case fixture

gcp/sample_gcp_nightmare_plan.json

GCP Nightmare Plan

Stacked GCP risk across compute, GKE, serverless, data services, org/folder/project IAM, and unsupported-resource coverage.

Findings
45
Boundaries
9
Resources
31
14 high 29 medium 2 low
Run built-in report