Mod: gcp-kubernetesengine

The gcp-kubernetesengine mod consists of 5 resource types, 80 policies and 41 controls.

Recommended Version

Resource Types

• GCP > Kubernetes Engine
• GCP > Kubernetes Engine > Region Cluster
• GCP > Kubernetes Engine > Region Node Pool
• GCP > Kubernetes Engine > Zone Cluster
• GCP > Kubernetes Engine > Zone Node Pool

Controls

• GCP > Kubernetes Engine > API Enabled
• GCP > Kubernetes Engine > CMDB
• GCP > Kubernetes Engine > Discovery
• GCP > Kubernetes Engine > Region Cluster > Active
• GCP > Kubernetes Engine > Region Cluster > Approved
• GCP > Kubernetes Engine > Region Cluster > CMDB
• GCP > Kubernetes Engine > Region Cluster > Discovery
• GCP > Kubernetes Engine > Region Cluster > Kubernetes Dashboard Enabled
• GCP > Kubernetes Engine > Region Cluster > Labels
• GCP > Kubernetes Engine > Region Cluster > Legacy Abac
• GCP > Kubernetes Engine > Region Cluster > Logging
• GCP > Kubernetes Engine > Region Cluster > Master Authorized Networks Config
• GCP > Kubernetes Engine > Region Cluster > Network Policy Enabled
• GCP > Kubernetes Engine > Region Cluster > Pod Security Policy Config
• GCP > Kubernetes Engine > Region Cluster > Set Monitoring
• GCP > Kubernetes Engine > Region Cluster > Usage
• GCP > Kubernetes Engine > Region Cluster > Use IP Aliases
• GCP > Kubernetes Engine > Region Node Pool > Active
• GCP > Kubernetes Engine > Region Node Pool > Approved
• GCP > Kubernetes Engine > Region Node Pool > Auto Repair
• GCP > Kubernetes Engine > Region Node Pool > Auto Upgrade
• GCP > Kubernetes Engine > Region Node Pool > CMDB
• GCP > Kubernetes Engine > Region Node Pool > Discovery
• GCP > Kubernetes Engine > Region Node Pool > Usage
• GCP > Kubernetes Engine > Zone Cluster > Active
• GCP > Kubernetes Engine > Zone Cluster > Approved
• GCP > Kubernetes Engine > Zone Cluster > CMDB
• GCP > Kubernetes Engine > Zone Cluster > Discovery
• GCP > Kubernetes Engine > Zone Cluster > Kubernetes Dashboard Enabled
• GCP > Kubernetes Engine > Zone Cluster > Labels
• GCP > Kubernetes Engine > Zone Cluster > Master Authorized Networks Config
• GCP > Kubernetes Engine > Zone Cluster > Network Policy Enabled
• GCP > Kubernetes Engine > Zone Cluster > Pod Security Policy Config
• GCP > Kubernetes Engine > Zone Cluster > Usage
• GCP > Kubernetes Engine > Zone Node Pool > Active
• GCP > Kubernetes Engine > Zone Node Pool > Approved
• GCP > Kubernetes Engine > Zone Node Pool > Auto Repair
• GCP > Kubernetes Engine > Zone Node Pool > Auto Upgrade
• GCP > Kubernetes Engine > Zone Node Pool > CMDB
• GCP > Kubernetes Engine > Zone Node Pool > Discovery
• GCP > Kubernetes Engine > Zone Node Pool > Usage

IAM Roles

• GCP/Kubernetes Engine/Admin
• GCP/Kubernetes Engine/Metadata
• GCP/Kubernetes Engine/Operator

Policies

• GCP > Kubernetes Engine > API Enabled
• GCP > Kubernetes Engine > Approved Regions [Default]
• GCP > Kubernetes Engine > CMDB
• GCP > Kubernetes Engine > Enabled
• GCP > Kubernetes Engine > Labels Template [Default]
• GCP > Kubernetes Engine > Permissions
• GCP > Kubernetes Engine > Permissions > Levels
• GCP > Kubernetes Engine > Permissions > Levels > Modifiers
• GCP > Kubernetes Engine > Region Cluster > Active
• GCP > Kubernetes Engine > Region Cluster > Active > Age
• GCP > Kubernetes Engine > Region Cluster > Active > Last Modified
• GCP > Kubernetes Engine > Region Cluster > Approved
• GCP > Kubernetes Engine > Region Cluster > Approved > Custom
• GCP > Kubernetes Engine > Region Cluster > Approved > Encryption at Rest
• GCP > Kubernetes Engine > Region Cluster > Approved > Encryption at Rest > Customer Managed Key
• GCP > Kubernetes Engine > Region Cluster > Approved > Regions
• GCP > Kubernetes Engine > Region Cluster > Approved > Usage
• GCP > Kubernetes Engine > Region Cluster > CMDB
• GCP > Kubernetes Engine > Region Cluster > Kubernetes Dashboard Enabled
• GCP > Kubernetes Engine > Region Cluster > Labels
• GCP > Kubernetes Engine > Region Cluster > Labels > Template
• GCP > Kubernetes Engine > Region Cluster > Legacy Abac
• GCP > Kubernetes Engine > Region Cluster > Logging
• GCP > Kubernetes Engine > Region Cluster > Master Authorized Networks Config
• GCP > Kubernetes Engine > Region Cluster > Network Policy Enabled
• GCP > Kubernetes Engine > Region Cluster > Pod Security Policy Config
• GCP > Kubernetes Engine > Region Cluster > Regions
• GCP > Kubernetes Engine > Region Cluster > Set Monitoring
• GCP > Kubernetes Engine > Region Cluster > Usage
• GCP > Kubernetes Engine > Region Cluster > Usage > Limit
• GCP > Kubernetes Engine > Region Cluster > Use IP Aliases
• GCP > Kubernetes Engine > Region Node Pool > Active
• GCP > Kubernetes Engine > Region Node Pool > Active > Age
• GCP > Kubernetes Engine > Region Node Pool > Active > Last Modified
• GCP > Kubernetes Engine > Region Node Pool > Approved
• GCP > Kubernetes Engine > Region Node Pool > Approved > Custom
• GCP > Kubernetes Engine > Region Node Pool > Approved > Regions
• GCP > Kubernetes Engine > Region Node Pool > Approved > Usage
• GCP > Kubernetes Engine > Region Node Pool > Auto Repair
• GCP > Kubernetes Engine > Region Node Pool > Auto Upgrade
• GCP > Kubernetes Engine > Region Node Pool > CMDB
• GCP > Kubernetes Engine > Region Node Pool > Regions
• GCP > Kubernetes Engine > Region Node Pool > Usage
• GCP > Kubernetes Engine > Region Node Pool > Usage > Limit
• GCP > Kubernetes Engine > Regions
• GCP > Kubernetes Engine > Zone Cluster > Active
• GCP > Kubernetes Engine > Zone Cluster > Active > Age
• GCP > Kubernetes Engine > Zone Cluster > Active > Last Modified
• GCP > Kubernetes Engine > Zone Cluster > Approved
• GCP > Kubernetes Engine > Zone Cluster > Approved > Custom
• GCP > Kubernetes Engine > Zone Cluster > Approved > Encryption at Rest
• GCP > Kubernetes Engine > Zone Cluster > Approved > Encryption at Rest > Customer Managed Key
• GCP > Kubernetes Engine > Zone Cluster > Approved > Regions
• GCP > Kubernetes Engine > Zone Cluster > Approved > Usage
• GCP > Kubernetes Engine > Zone Cluster > CMDB
• GCP > Kubernetes Engine > Zone Cluster > Kubernetes Dashboard Enabled
• GCP > Kubernetes Engine > Zone Cluster > Labels
• GCP > Kubernetes Engine > Zone Cluster > Labels > Template
• GCP > Kubernetes Engine > Zone Cluster > Master Authorized Networks Config
• GCP > Kubernetes Engine > Zone Cluster > Network Policy Enabled
• GCP > Kubernetes Engine > Zone Cluster > Pod Security Policy Config
• GCP > Kubernetes Engine > Zone Cluster > Regions
• GCP > Kubernetes Engine > Zone Cluster > Usage
• GCP > Kubernetes Engine > Zone Cluster > Usage > Limit
• GCP > Kubernetes Engine > Zone Node Pool > Active
• GCP > Kubernetes Engine > Zone Node Pool > Active > Age
• GCP > Kubernetes Engine > Zone Node Pool > Active > Last Modified
• GCP > Kubernetes Engine > Zone Node Pool > Approved
• GCP > Kubernetes Engine > Zone Node Pool > Approved > Custom
• GCP > Kubernetes Engine > Zone Node Pool > Approved > Regions
• GCP > Kubernetes Engine > Zone Node Pool > Approved > Usage
• GCP > Kubernetes Engine > Zone Node Pool > Auto Repair
• GCP > Kubernetes Engine > Zone Node Pool > Auto Upgrade
• GCP > Kubernetes Engine > Zone Node Pool > CMDB
• GCP > Kubernetes Engine > Zone Node Pool > Regions
• GCP > Kubernetes Engine > Zone Node Pool > Usage
• GCP > Kubernetes Engine > Zone Node Pool > Usage > Limit
• GCP > Turbot > Event Handlers > Logging > Sink > Compiled Filter > @turbot/gcp-kubernetesengine
• GCP > Turbot > Permissions > Compiled > Levels > @turbot/gcp-kubernetesengine
• GCP > Turbot > Permissions > Compiled > Service Permissions > @turbot/gcp-kubernetesengine

Policy Packs

• Enforce Encryption for Secrets Is Enabled for GCP GKE Clusters