Google Cloud Kubernetes Engine cluster should not be publicly accessible

Set up the gke integration.

This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Description

The control plane of a GKE cluster should not be open to the internet. Limiting internet access significantly reduces the attack surface.

Remediation

Consider allow-listing specific IP ranges in the cluster configuration.

Alternatively, consider making the cluster private and accessing it from an internal network or through Identity-aware Proxy (IaP).

PREVIEWING: rtrieu/product-analytics-ui-changes