
Kubernetes (Container) Engine

4 examples and best practices for Google Kubernetes (Container) Engine, including Google Kubernetes (Container) Engine Cluster and Google Kubernetes (Container) Engine Node Pool.

Review your .tf file for Google best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Cluster
google_container_cluster (0 example case)
12 best security practices
  1. Ensure legacy authentication is disabled
  2. Ensure legacy ABAC is disabled
  3. Ensure legacy metadata endpoints for your GKE cluster are disabled
  4. Ensure the network policy for your GKE cluster is enabled
  5. Ensure your GKE cluster uses private nodes if possible
  6. Ensure a custom service account is set for your GKE nodes
  7. Ensure cluster labels are configured
  8. Ensure a logging service of your GKE cluster is specified
  9. Ensure master authorized networks of your GKE cluster are configured
  10. Ensure a monitoring service of your GKE cluster is specified
  11. Ensure Shielded GKE nodes for your GKE cluster are enabled
  12. Ensure the GKE control plane is not publicly accessible on the Internet
Node Pool
google_container_node_pool (4 example cases)
4 best security practices
  1. Ensure Container-Optimized OS (cos) is used for node images
  2. Ensure Node metadata values of your GKE cluster are disabled
  3. Ensure the auto repair of your GKE cluster is enabled
  4. Ensure the auto upgrade of your GKE cluster is enabled
Build a secure Infrastructure-as-Code

Shisho Cloud helps you fix security issues in your infrastructure as code with auto-generated patches.

© 2021 Flatt Security