Ensure basic authentication is disabled on Google Container Cluster

HIGH

Description

Google Container Cluster has basic authentication enabled. This may lead to unauthorized access.

Remediation

In GCP Console -

  1. Open the GCP Portal and go to Google Kubernetes Engine (GKE).
  2. Select the cluster you want to edit.
  3. Click Details. Under Security, in Basic authentication, click Edit Basic authentication.
  4. Select the Enable basic authentication checkbox.
  5. Click Save Changes.

In Terraform -
Deprecated in the latest version of the provider.

  1. In the google_container_cluster resource, ensure that the master_auth.username and master_auth.password attributes of the master_auth block are not set.
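
One way to check the Terraform condition above before apply, as an added example that is not part of the original page or of the provider: it scans plan JSON for google_container_cluster resources whose master_auth block sets username or password. It assumes the plan was exported with `terraform show -json`; the function names and the sample plan are constructed for illustration.

```python
import json

# Constructed sample in the shape of `terraform show -json` planned values.
SAMPLE_PLAN = json.loads("""
{"planned_values": {"root_module": {
  "resources": [
    {"address": "google_container_cluster.legacy",
     "type": "google_container_cluster",
     "values": {"master_auth": [{"username": "admin", "password": "example-only"}]}},
    {"address": "google_container_cluster.cert_only",
     "type": "google_container_cluster",
     "values": {"master_auth": [{"username": "", "password": "",
       "client_certificate_config": [{"issue_client_certificate": false}]}]}}],
  "child_modules": [{"resources": [
    {"address": "module.gke.google_container_cluster.nested",
     "type": "google_container_cluster",
     "values": {"master_auth": [{"username": "ops", "password": null}]}}]}]
}}}
""")


def iter_resources(module):
    """Yield resources from a module and, recursively, its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def clusters_with_basic_auth(plan):
    """Return {address: [attributes set]} for clusters that set basic-auth credentials."""
    findings = {}
    root = plan.get("planned_values", {}).get("root_module", {})
    for res in iter_resources(root):
        if res.get("type") != "google_container_cluster":
            continue
        # Nested blocks appear as lists of objects in plan JSON.
        for block in res.get("values", {}).get("master_auth") or []:
            # Empty strings and nulls count as "not set".
            set_attrs = [k for k in ("username", "password") if block.get(k)]
            if set_attrs:
                findings[res["address"]] = set_attrs
    return findings


if __name__ == "__main__":
    for address, attrs in clusters_with_basic_auth(SAMPLE_PLAN).items():
        print(f"{address}: master_auth sets {', '.join(attrs)}")
```

A non-empty result can be used to fail a CI stage before the plan is applied.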

References:
https://registry.terraform.io/providers/hashicorp/google/3.78.0/docs/resources/container_cluster

Policy Details

Rule Reference ID: AC_GCP_0021
CSP: GCP
Remediation Available: No
Resource Category: Compute

Frameworks