GCP Kubernetes engine clusters have basic authentication enabled

Description

GKE supports multiple secure authentication methods, including service account bearer tokens, OAuth tokens, and X.509 client certificates. Basic authentication and client certificate issuance are disabled by default for clusters created with GKE 1.12 and later.

We recommend you use Cloud IAM, or an alternative secure authentication mechanism, as the identity provider for GKE clusters.

Fix - Buildtime

Terraform

resource "google_container_cluster" "pass2" {
  name               = "google_cluster"
  monitoring_service = "monitoring.googleapis.com"
  master_authorized_networks_config {}
  master_auth {
    username = ""
    password = ""
    client_certificate_config {
      issue_client_certificate = false
    }
  }

}