Google Cloud Kubernetes policies
Ensure Stackdriver logging on Kubernetes engine clusters is enabled
Ensure ABAC authorization on Kubernetes engine clusters is disabled
Ensure GCP Kubernetes engine clusters have Stackdriver logging enabled
Ensure GCP Kubernetes cluster node auto-repair configuration is enabled
Ensure GCP Kubernetes cluster node auto-upgrade configuration is enabled
Ensure private cluster is enabled when creating Kubernetes clusters
Ensure GCP Kubernetes engine clusters have network policy enabled
Ensure GCP Kubernetes engine clusters have client certificate enabled
Ensure PodSecurityPolicy controller is enabled on Kubernetes engine clusters
Ensure GKE control plane is not public
Ensure GCP Kubernetes engine clusters have basic authentication disabled
Ensure master authorized networks are enabled in GKE clusters
Ensure GCP Kubernetes engine clusters have label information
Ensure GCP Kubernetes engine clusters are using Container-Optimized OS for node image
Ensure Kubernetes clusters are created with alias IP ranges enabled
Ensure Kubernetes engine cluster nodes do not have default service account for project access
Ensure secure boot for shielded GKE nodes is enabled
Enable VPC flow logs and intranode visibility
Ensure GCP Kubernetes Engine Clusters are configured with private nodes feature
Ensure Kubernetes RBAC users are managed with Google Groups for GKE
Ensure binary authorization is used
Ensure GCP Kubernetes engine clusters have legacy compute engine metadata endpoints disabled
Ensure the GKE metadata server is enabled
Ensure shielded GKE nodes are enabled
Ensure integrity monitoring for shielded GKE nodes is enabled