Cloud Custodian: Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
GCP Metrics: This tool provides a simple command-line interface to query Google Monitoring API v3. This is handy when integrating with warious monitoring tools, like Zabbix or Nagios.
Scout Suite: Multi-Cloud Security Auditing Tool
Gimme: Creating time bound IAM Conditions with ease and flair
GCP Firewall Enforcer: A toolbox to enforce firewall rules across multiple GCP projects.
GCP Audit: A tool for auditing security properties of GCP projects.
InSpec GCP: InSpec is compliance as code. Turn your compliance, security, and other policy requirements into automated tests.