Quick Info
| Plugin Title | Master Authorized Network |
| Cloud | |
| Category | Kubernetes |
| Description | Ensures master authorized networks is set to enabled on Kubernetes clusters |
| More Info | Authorized networks are a way of specifying a restricted range of IP addresses that are permitted to access your container clusters Kubernetes master endpoint. |
| GOOGLE Link | https://cloud.google.com/kubernetes-engine/docs/how-to/authorized-networks |
| Recommended Action | Enable master authorized networks on all clusters. |
Detailed Remediation Steps
- Log into the Google Cloud Platform Console.
- Scroll down the left navigation panel and choose the “Kubernetes Engine” option under the “Compute” and select the “Clusters.”
- On the “Kubernetes clusters” page , click on the “Name” as a link option to select the cluster.
- On the “Clusters” page, click on the “Edit” button at the top.
- Scroll down the “Clusters - Edit” page and check whether “Master authorised networks” is enabled or disabled. If it’s set to disabled then it’s not as per the best recommended method to authenticate.
- Repeat steps number 2 - 5 to verify other “Clusters” in the account.
- Navigate to the “Kubernetes Engine” option under the “Compute”, choose the “Clusters” and click on the “Edit” button at the top.
- On the “Clusters - Edit” page, scroll down and choose the “Enabled” option from the dropdown menu next to “Master authorised networks."
- Click on the “Save” button to make the changes.
- Repeat steps number 7 - 9 to enable master authorized networks on all clusters.