Triage and Remediation
Remediation
Using Console
To remediate this misconfiguration using the Google Cloud console, enable VPC Flow Logs on each subnet and Intranode Visibility on each GKE cluster. Both are separate settings: flow logs are configured per subnet, not on the VPC network as a whole, and intranode visibility is a GKE cluster setting that makes pod-to-pod traffic on the same node visible to the VPC (and therefore to flow logs and firewall rules).
- Log in to the Google Cloud Console with your credentials.
- Navigate to VPC network > VPC networks from the left-hand navigation menu and select the VPC network whose subnets you want to configure.
- On the Subnets tab, click the subnet you want to enable flow logs for, then click Edit.
- Under Flow logs, select On. Optionally set the aggregation interval, sample rate and metadata fields; shorter intervals and a higher sample rate give more detail at a higher logging cost.
- Click Save. Repeat for every subnet that carries workload traffic.
- Flow logs are written to Cloud Logging (formerly Stackdriver Logging). If you need to keep them in a Cloud Storage bucket or BigQuery for longer retention, create a log sink in Logging > Log Router; the subnet page itself does not offer a storage destination.
- Navigate to Kubernetes Engine > Clusters and select the cluster you want to enable intranode visibility for.
- In the Networking section, edit the Intranode visibility setting, select Enable intranode visibility and save the change. Changing this setting on an existing cluster can disrupt running workloads, so schedule it in a maintenance window.
- Intranode visibility only produces flow-log records when flow logs are enabled on the subnet the cluster's nodes use, so complete the subnet steps above first.
Using CLI
To remediate the misconfiguration of enabling VPC Flow Logs and Intranode Visibility in GCP using the gcloud CLI, follow these steps. Flow logs are enabled per subnet and intranode visibility per GKE cluster, so you need the subnet's region and the cluster's zone (or region) as well as the resource names:
- Open the Cloud Shell in the GCP Console, or use a workstation where gcloud is installed and authenticated against the target project.
- Enable VPC Flow Logs on the subnet with gcloud compute networks subnets update, replacing [SUBNET_NAME] with the name of the subnet that you want to enable flow logs for and passing its region. Repeat for every subnet that carries workload traffic.
- Enable Intranode Visibility on the cluster with gcloud container clusters update, replacing [CLUSTER_NAME] with the name of the cluster that you want to enable intra-node visibility for and passing its zone or region. Changing this setting on an existing cluster can disrupt running workloads.
- Verify that the subnet change has been made with gcloud compute networks subnets describe: the output should contain "enableFlowLogs: true" (and "enable: true" under logConfig) if flow logs have been enabled for the subnet.
- Similarly, verify the cluster change with gcloud container clusters describe: the output should contain "enableIntraNodeVisibility: true" under networkConfig if intra-node visibility has been enabled for the cluster.
By following these steps, you remediate the misconfiguration of enabling VPC Flow Logs and Intranode Visibility in GCP using the gcloud CLI.
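The following script is an added example that carries the CLI procedure above through end to end; it is not the page's own commands. The project, region, zone, subnet and cluster names are assumed placeholders, and the sampling and metadata flags shown are one reasonable choice, not a requirement. The verification step parses the YAML that gcloud describe prints rather than trusting the exit code of the update command, which can succeed without the flag actually being set if a concurrent change wins.

```shell
#!/usr/bin/env bash
# Added example, not the page's own commands: enable VPC Flow Logs on a subnet
# and Intranode Visibility on a GKE cluster with gcloud, then verify both.
# Every value below is an assumed placeholder; override it in the environment.
set -eu

PROJECT_ID="${PROJECT_ID:-my-project}"
REGION="${REGION:-us-central1}"          # region of the subnet
SUBNET_NAME="${SUBNET_NAME:-my-subnet}"
ZONE="${ZONE:-us-central1-a}"            # zone of a zonal cluster (use --region for regional ones)
CLUSTER_NAME="${CLUSTER_NAME:-my-cluster}"
GCLOUD="${GCLOUD:-gcloud}"               # set GCLOUD=echo to print the update commands without running them

# Enable flow logs on the subnet. 5-second aggregation, 50% sampling and full
# metadata give investigation-grade detail; lower the sampling rate to cut cost.
enable_flow_logs() {
  "$GCLOUD" compute networks subnets update "$SUBNET_NAME" \
    --project="$PROJECT_ID" --region="$REGION" \
    --enable-flow-logs \
    --logging-aggregation-interval=interval-5-sec \
    --logging-flow-sampling=0.5 \
    --logging-metadata=include-all
}

# Enable intranode visibility on the cluster so pod-to-pod traffic on the same
# node is reported to the VPC and shows up in the subnet's flow logs.
enable_intranode_visibility() {
  "$GCLOUD" container clusters update "$CLUSTER_NAME" \
    --project="$PROJECT_ID" --zone="$ZONE" \
    --enable-intra-node-visibility
}

# Succeeds when the YAML on stdin contains "<key>: true" at any indentation
# (enableIntraNodeVisibility is nested under networkConfig in the cluster output).
flag_enabled() {
  grep -Eq "^[[:space:]]*$1:[[:space:]]*true[[:space:]]*$"
}

verify_flow_logs() {
  "$GCLOUD" compute networks subnets describe "$SUBNET_NAME" \
    --project="$PROJECT_ID" --region="$REGION" | flag_enabled enableFlowLogs
}

verify_intranode_visibility() {
  "$GCLOUD" container clusters describe "$CLUSTER_NAME" \
    --project="$PROJECT_ID" --zone="$ZONE" | flag_enabled enableIntraNodeVisibility
}

# Only touch real resources when APPLY=1; otherwise the functions are just defined.
if [ "${APPLY:-0}" = "1" ]; then
  enable_flow_logs
  enable_intranode_visibility
  verify_flow_logs || { echo "flow logs still disabled on $SUBNET_NAME" >&2; exit 1; }
  verify_intranode_visibility || { echo "intranode visibility still disabled on $CLUSTER_NAME" >&2; exit 1; }
  echo "remediated: $SUBNET_NAME (flow logs), $CLUSTER_NAME (intranode visibility)"
fi
```

Run it as `APPLY=1 PROJECT_ID=... REGION=... SUBNET_NAME=... ZONE=... CLUSTER_NAME=... ./remediate.sh`. With `GCLOUD=echo` the update commands are printed instead of executed, and the verification then fails as expected because nothing was changed. For a regional cluster replace `--zone="$ZONE"` with `--region` in both cluster functions; for multiple subnets, loop over the output of `gcloud compute networks subnets list --regions="$REGION" --format="value(name)"`.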
Using Python
To enable VPC Flow Logs and Intranode Visibility in GCP using Python, use the google-cloud-compute and google-cloud-container client libraries. The flow-log setting lives on each subnet and the intranode-visibility setting on each GKE cluster, so neither can be enabled on individual Compute Engine instances:
- Import the necessary libraries: google.cloud.compute_v1 for subnets and google.cloud.container_v1 for GKE clusters.
- Set the project ID, the region of the subnets, and the zone (or region) of the cluster.
- Create a compute SubnetworksClient.
- Get the list of subnetworks in the region with the client's list method.
- For each subnetwork whose log_config.enable is false, read its current fingerprint and patch it with log_config.enable set to True (optionally also the aggregation interval, flow sampling and metadata); wait for the returned operation to finish before moving on.
- Create a ClusterManagerClient.
- Get the cluster (or list the clusters in the location) and call update_cluster with a ClusterUpdate whose desired_intra_node_visibility_config has enabled set to True; poll the returned operation until it is done. Changing this setting on an existing cluster can disrupt running workloads.
- Verify by re-reading each subnetwork and cluster: log_config.enable and network_config.enable_intra_node_visibility should both be True.
Creating a log-based metric for flow logs, as some guides suggest, does not enable flow logs; it is an optional monitoring step that only has data once the subnet setting above is on.
That's it! These steps enable VPC Flow Logs and Intranode Visibility in GCP using Python.