GKE clusters should have monitoring and logging enabled

This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Description

This control validates the configuration of logging and monitoring on GKE Clusters. Exporting logs and metrics to a dedicated, persistent datastore such as Cloud Operations for GKE ensures availability of audit data following a cluster security event, and provides a central location for analysis of log and metric data collected from multiple sources.

Remediation

To enable audit logs for your GKE cluster, see Observability for GKE.