Stackdriver Monitoring Disabled

Query id: bbfc97ab-e92a-4a7b-954c-e88cec815011
Query name: Stackdriver Monitoring Disabled
Platform: GoogleDeploymentManager
Severity: High
Category: Observability
URL: Github

Description¶

Kubernetes Engine Clusters must have Stackdriver Monitoring enabled, which means the attribute 'monitoringService' must be defined and different than 'none'
Documentation

Code samples¶

Code samples with security vulnerabilities¶

Postitive test num. 1 - yaml file

resources:
  - name: my-cluster
    type: container.v1.cluster
    properties:
      description: cluster

Postitive test num. 2 - yaml file

resources:
  - name: my-cluster
    type: container.v1.cluster
    properties:
      description: cluster
      monitoringService: "none"

Code samples without security vulnerabilities¶

Negative test num. 1 - yaml file

resources:
  - name: my-cluster
    type: container.v1.cluster
    properties:
      description: cluster
      monitoringService: "monitoring.googleapis.com/kubernetes"