For AI agents: A markdown version of this page is available at https://docs.datadoghq.com/security/default_rules/def-000-u28.md. A documentation index is available at /llms.txt.

Cluster should be created with Private Nodes

google_kubernetes_engine_cluster

Description

A cluster should have private nodes enabled. These settings ensure that the nodes are properly isolated from public access.

Remediation

Note: A cluster created without private nodes cannot be modified to enable private nodes. A new cluster must be created.

Follow the Customize Network Isolation guide from Google Cloud to enable private nodes and disable public access to your cluster.

References