Property
Language: terraform
Severity: medium
Service: gke
Provider: Google
Vulnerability Type: omission

Description

The cluster is configured without private nodes, causing nodes to receive public IP addresses and be accessible from outside the internal network. This increases exposure to unauthorized external access.

Impact

If exploited, attackers could reach cluster nodes directly over the public internet, potentially enabling unauthorized access, compromise of workloads, or lateral movement within the environment, leading to data breaches or service disruptions.

Resolution

Enable private cluster, so that nodes receive only internal IP addresses.
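The omission and its fix in Terraform, as an added example that is not taken from the original page. Resource names, the location, the network and subnetwork names, and all CIDR ranges are placeholders.

```terraform
# Added example: names, location and CIDR ranges below are placeholders.

# Non-compliant: no private_cluster_config block, so nodes are created
# with public IP addresses.
resource "google_container_cluster" "public_nodes" {
  name               = "example-public"
  location           = "us-central1"
  initial_node_count = 1
}

# Compliant: nodes receive only internal IP addresses.
resource "google_container_cluster" "private_nodes" {
  name               = "example-private"
  location           = "us-central1"
  initial_node_count = 1

  network    = "example-vpc"    # assumed existing VPC
  subnetwork = "example-subnet" # assumed existing subnet

  # Private clusters must be VPC-native (alias IP ranges).
  ip_allocation_policy {}

  private_cluster_config {
    enable_private_nodes    = true            # the setting this check looks for
    enable_private_endpoint = false           # true makes the control plane internal-only as well
    master_ipv4_cidr_block  = "172.16.0.0/28" # /28 for the control plane; must not overlap other ranges
  }

  # With a public control plane endpoint, limit which source ranges may reach it.
  master_authorized_networks_config {
    cidr_blocks {
      cidr_block   = "203.0.113.0/24" # placeholder admin range
      display_name = "admin-network"
    }
  }
}
```

Private nodes have no route to the internet by default, so workloads that pull images from external registries need Cloud NAT or an equivalent egress path on the subnet.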