In provider versions prior to 4: The attribute workload_metadata_config.node_metadata configures how node metadata is exposed to workloads. It should be set to SECURE to limit metadata exposure, or GKE_METADATA_SERVER if Workload Identity is enabled.
Starting with provider version 4: The attribute node_metadata has been removed. Instead, workload_metadata_configuration.mode controls node metadata exposure. When Workload Identity is enabled, it should be set to GKE_METADATA to prevent unnecessary exposure of the metadata API to workloads.
Follow the appropriate remediation steps below to resolve the issue.
Set mode to GKE_METADATA
|
|