GKE Master Authorized Networks Disabled

  • Query id: 62c8cf50-87f0-4295-a974-8184ed78fe02
  • Query name: GKE Master Authorized Networks Disabled
  • Platform: GoogleDeploymentManager
  • Severity: Medium
  • Category: Networking and Firewall
  • CWE: 284
  • URL: Github

Description

Master authorized networks must be enabled in GKE clusters, so that only the listed CIDR ranges can reach the cluster's control plane (master) endpoint.

Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - yaml file
resources:
  - name: my-cluster
    type: container.v1.cluster
    properties:
      description: cluster

Positive test num. 2 - yaml file
resources:
  - name: my-cluster
    type: container.v1.cluster
    properties:
      description: cluster
      masterAuthorizedNetworksConfig:
        enabled: false

Code samples without security vulnerabilities

Negative test num. 1 - yaml file
resources:
  - name: my-cluster
    type: container.v1.cluster
    properties:
      description: cluster
      masterAuthorizedNetworksConfig:
        enabled: true
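
The rule these samples exercise, written out as a stand-alone check. This is an added example, not the KICS query itself; it assumes the template has already been parsed into Python dicts, and the names check_resource, scan, cluster and OTHER_TYPE are hypothetical.

```python
# Added example: a stand-alone version of the rule, not the KICS query itself.
CLUSTER_TYPE = "container.v1.cluster"
SETTING = "masterAuthorizedNetworksConfig"


def check_resource(resource):
    """Return a finding for one resource, or None when the rule passes."""
    if resource.get("type") != CLUSTER_TYPE:
        return None  # the rule only applies to GKE cluster resources
    name = resource.get("name", "<unnamed>")
    config = (resource.get("properties") or {}).get(SETTING)
    if not isinstance(config, dict):
        # Positive test 1: the block is absent altogether.
        return {"resource": name, "issue": "missing",
                "path": f"properties.{SETTING}"}
    if config.get("enabled") is not True:
        # Positive test 2: the block exists but is not switched on.
        return {"resource": name, "issue": "disabled",
                "path": f"properties.{SETTING}.enabled"}
    return None


def scan(template):
    """Check every resource of a parsed template and collect the findings."""
    results = (check_resource(r) for r in template.get("resources") or [])
    return [finding for finding in results if finding]


def cluster(extra=None):
    """Build the page's my-cluster resource, with optional extra properties."""
    props = {"description": "cluster"}
    props.update(extra or {})
    return {"name": "my-cluster", "type": CLUSTER_TYPE, "properties": props}


# Parsed forms of the three samples on this page.
POSITIVE_1 = {"resources": [cluster()]}
POSITIVE_2 = {"resources": [cluster({SETTING: {"enabled": False}})]}
NEGATIVE_1 = {"resources": [cluster({SETTING: {"enabled": True}})]}
# Constructed sample: a non-cluster resource, which the rule must ignore.
OTHER_TYPE = {"resources": [{"name": "vm", "type": "compute.v1.instance"}]}

if __name__ == "__main__":
    for label, tpl in [("positive 1", POSITIVE_1), ("positive 2", POSITIVE_2),
                       ("negative 1", NEGATIVE_1), ("other type", OTHER_TYPE)]:
        print(label, scan(tpl) or "pass")
```

A block with no `enabled` key is reported as disabled, since the setting is only in effect when it is explicitly true.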