Kubernetes should have ‘Automatic upgrade’ enabled
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | gke |
| Provider |
Description#
Kubernetes node pools are provisioned without automatic upgrades enabled, causing nodes to remain on outdated versions rather than tracking the cluster master. This can leave nodes unpatched and inconsistent with the cluster control plane.
Impact#
Without automatic upgrades, nodes may miss critical security patches and compatibility updates, increasing the risk of vulnerabilities or operational issues. Attackers could exploit outdated nodes, and cluster stability or supportability may be compromised.
Resolution#
Enable automatic upgrades