---
title: GKE clusters should have Security Posture enabled
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: >-
  Docs > Datadog Security > OOTB Rules > GKE clusters should have Security
  Posture enabled
---

> For the complete documentation index, see [llms.txt](https://docs.datadoghq.com/llms.txt).

# GKE clusters should have Security Posture enabled
 
## Description{% #description %}

Google Kubernetes Engine (GKE) Security Posture provides built-in capabilities to assess and improve the security of your clusters. It identifies configuration issues, workload vulnerabilities, and other risks. Enabling Security Posture (mode `BASIC` or `ENTERPRISE`) helps you proactively detect and remediate security concerns across your GKE workloads.

The cluster's `security_posture_config.mode` is set to `BASIC` or `ENTERPRISE`. Clusters where the mode is `DISABLED` or where the `security_posture_config` is absent will fail.

## Rationale{% #rationale %}

Without Security Posture enabled, configuration weaknesses and vulnerabilities in your cluster and workloads may go unnoticed, increasing the risk of compromise. Enabling Security Posture provides continuous visibility into the security state of your GKE environment.

## Remediation{% #remediation %}

Enable Security Posture (Basic or Enterprise tier) on the cluster from the Security section of the cluster settings, or with `gcloud container clusters update`. See [Configure security posture for clusters](https://cloud.google.com/kubernetes-engine/docs/how-to/protect-workload-configuration) for the full procedure.

**Note**: The gcloud `--security-posture=standard` value maps to the `BASIC` API mode (`security_posture_config.mode`). The `ENTERPRISE` mode is provisioned for clusters enrolled in GKE Enterprise rather than via this flag; both `BASIC` and `ENTERPRISE` satisfy this rule.

## References{% #references %}

- [About security posture in GKE](https://cloud.google.com/kubernetes-engine/docs/concepts/about-security-posture-dashboard)
- [Configure security posture for clusters](https://cloud.google.com/kubernetes-engine/docs/how-to/protect-workload-configuration)
