github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/avd_docs/google/dns/AVD-GCP-0012/Terraform.md (about) 1 2 Use RSA SHA512 3 4 ```hcl 5 resource "google_dns_managed_zone" "example-zone" { 6 name = "example-zone" 7 dns_name = "example-${random_id.rnd.hex}.com." 8 9 dnssec_config { 10 state = "on" 11 default_key_specs { 12 algorithm = "rsasha512" 13 key_type = "keySigning" 14 } 15 default_key_specs { 16 algorithm = "rsasha512" 17 key_type = "zoneSigning" 18 } 19 } 20 } 21 22 ``` 23 24 #### Remediation Links 25 - https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/dns_managed_zone#algorithm 26