GKE Master Authorized Networks Disabled
- Query id: d43366c5-80b0-45de-bbe8-2338f4ab0a83
- Query name: GKE Master Authorized Networks Disabled
- Platform: Ansible
- Severity: High
- Category: Networking and Firewall
- URL: Github
Description
Master authorized networks must be enabled in GKE clusters
Code samples
Code samples with security vulnerabilities
Positive test num. 1 - yaml file
```yaml
---
# Flagged: master authorized networks explicitly disabled
- name: create a cluster
  google.cloud.gcp_container_cluster:
    name: my-cluster
    location: us-central1-a
    auth_kind: serviceaccount
    master_authorized_networks_config:
      cidr_blocks:
        - cidr_block: 192.0.2.0/24
      enabled: no
    state: present
# Flagged: CIDR blocks listed, but "enabled" is not set
- name: create a second cluster
  google.cloud.gcp_container_cluster:
    name: my-second-cluster
    location: us-central1-a
    auth_kind: serviceaccount
    master_authorized_networks_config:
      cidr_blocks:
        - cidr_block: 192.0.2.0/24
    state: present
# Flagged: master_authorized_networks_config is missing entirely
- name: create a third cluster
  google.cloud.gcp_container_cluster:
    name: my-third-cluster
    location: us-central1-a
    auth_kind: serviceaccount
    state: present
```
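The three samples above fail in three different ways: `enabled` set to `no`, `enabled` omitted, and the whole `master_authorized_networks_config` block omitted. The following is an added Python sketch of a check that tells those cases apart; it is not the KICS query itself, and the function names, the fourth (passing) task and the handling of quoted strings such as `"no"` are assumptions of this example.

```python
# Added example, not the KICS query. Tasks are the dicts a YAML 1.1 loader
# returns for the playbook (bare `no` loads as False); SAMPLE is constructed.
MODULES = ("google.cloud.gcp_container_cluster", "gcp_container_cluster")
TRUTHY = {"yes", "true", "on", "1", "y", "t"}
KEY = "master_authorized_networks_config"


def is_enabled(value):
    """Interpret a value as Ansible would; quoted strings such as "no" count."""
    return value if isinstance(value, bool) else str(value).strip().lower() in TRUTHY


def check_task(task):
    """Return a finding for a GKE cluster task, or None if it passes."""
    params = next((task[m] for m in MODULES if isinstance(task.get(m), dict)), None)
    if params is None:
        return None  # not a GKE cluster task
    man = params.get(KEY)
    if not isinstance(man, dict):
        return KEY + " is not defined"
    if "enabled" not in man:
        return KEY + ".enabled is not defined"
    if not is_enabled(man["enabled"]):
        return KEY + ".enabled is false"
    return None


def scan(tasks):
    """Map task name -> finding for every failing task."""
    found = ((t.get("name", "<unnamed>"), check_task(t)) for t in tasks)
    return {name: finding for name, finding in found if finding}


def cluster(name, man=None):
    """Build one constructed task shaped like those in the page's playbook."""
    params = {"name": name, "location": "us-central1-a", "state": "present"}
    if man is not None:
        params[KEY] = man
    return {"name": "create " + name, MODULES[0]: params}


BLOCKS = [{"cidr_block": "192.0.2.0/24"}]
SAMPLE = [
    cluster("my-cluster", {"cidr_blocks": BLOCKS, "enabled": False}),
    cluster("my-second-cluster", {"cidr_blocks": BLOCKS}),
    cluster("my-third-cluster"),
    cluster("my-fixed-cluster", {"cidr_blocks": BLOCKS, "enabled": True}),
]
print(scan(SAMPLE))
```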