AC_GCP_0020 | Ensure private cluster is enabled for Google Container Cluster | GCP | Infrastructure Security | HIGH |
AC_GCP_0296 | Ensure Container-Optimized OS (cos_containerd) is used for GKE node images | GCP | Compliance Validation | LOW |
AC_GCP_0319 | Ensure Integrity Monitoring for Shielded GKE Nodes is Enabled | GCP | Infrastructure Security | LOW |
AC_GCP_0022 | Ensure PodSecurityPolicy controller is enabled on Google Container Cluster | GCP | Compliance Validation | HIGH |
AC_GCP_0023 | Ensure control plane is not public for Google Container Cluster | GCP | Infrastructure Security | HIGH |
AC_GCP_0024 | Ensure authentication using Client Certificates is Disabled | GCP | Identity and Access Management | MEDIUM |
AC_GCP_0021 | Ensure basic authentication is disabled on Google Container Cluster | GCP | Identity and Access Management | HIGH |
AC_GCP_0231 | Enable VPC Flow Logs and Intranode Visibility | GCP | Infrastructure Security | MEDIUM |
AC_GCP_0242 | Ensure default service account is not used for project access in Google Container Cluster | GCP | Security Best Practices | HIGH |
AC_GCP_0290 | Ensure master authorized networks config block is set for Google Container Cluster | GCP | Infrastructure Security | LOW |
AC_GCP_0019 | Ensure labels are configured for Google Container Cluster | GCP | Compliance Validation | LOW |
AC_GCP_0028 | Ensure Legacy Authorization (ABAC) is Disabled | GCP | Identity and Access Management | HIGH |
AC_GCP_0243 | Ensure application-layer secrets are encrypted for Google Container Cluster | GCP | Infrastructure Security | MEDIUM |
AC_GCP_0244 | Ensure HTTP load balancing is enabled for Google Container Cluster | GCP | Resilience | MEDIUM |
AC_GCP_0270 | Ensure the GKE Metadata Server is Enabled | GCP | Security Best Practices | LOW |
AC_GCP_0276 | Ensure use of Binary Authorization | GCP | Infrastructure Security | LOW |
AC_GCP_0297 | Ensure legacy Compute Engine instance metadata APIs are Disabled | GCP | Infrastructure Security | LOW |
AC_GCP_0018 | Ensure that Alpha clusters are not used for production workloads | GCP | Security Best Practices | LOW |
AC_GCP_0025 | Ensure use of VPC-native clusters | GCP | Compliance Validation | HIGH |
AC_GCP_0026 | Ensure network policy is enabled on Google Container Cluster | GCP | Infrastructure Security | HIGH |
AC_GCP_0027 | Ensure Master Authorized Networks is Enabled | GCP | Infrastructure Security | HIGH |
AC_GCP_0029 | Ensure Stackdriver monitoring is enabled on Google Container Cluster | GCP | Logging and Monitoring | HIGH |
AC_GCP_0030 | Ensure Stackdriver Kubernetes Logging and Monitoring is Enabled | GCP | Logging and Monitoring | HIGH |
AC_GCP_0271 | Ensure Secure Boot for Shielded GKE Nodes is Enabled | GCP | Infrastructure Security | LOW |
AC_GCP_0272 | Ensure shielded nodes are enabled for all nodes in Google Container Cluster | GCP | Infrastructure Security | LOW |