Triage and Remediation
Remediation
Using Console
To remediate the “Network Policy Should Be Enabled” misconfiguration in GCP using the GCP console, follow the steps below:
- Log in to your GCP console.
- Navigate to the VPC Network page.
- Click on the VPC network that you want to remediate.
- Click on the Firewall rules tab.
- Click on the Create Firewall Rule button.
- Enter a name for the firewall rule.
- In the Targets section, select the network that you want to apply the firewall rule to.
- In the Source filter section, select the IP ranges that you want to allow or block.
- In the Protocols and ports section, specify the protocols and ports that you want to allow or block.
- In the Action section, select the action that you want to take on the traffic that matches the firewall rule.
- Click on the Create button to create the firewall rule.
Using CLI
To remediate the “Network Policy Should Be Enabled” misconfiguration in GCP using the GCP CLI, follow the steps below:
- Open the GCP Cloud Shell from the GCP console.
- Run the following command to enable the Network Policy for the default network in your GCP project:
- This command will update the default network with the Network Policy enabled.
Using Python
To remediate the “Network Policy Should Be Enabled” misconfiguration in GCP using Python, follow the steps below. The code loops through all the clusters in the specified project and zone, and enables network policy for each cluster that does not already have it enabled.
- Import the required libraries:
- Set the project ID and the zone where the cluster is located:
- Get the credentials to access the GCP API:
- Create a client object for the Kubernetes API:
- Get the list of clusters in the project:
- Loop through the clusters and enable network policy:
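The steps above written out as an added example; it is not code from the original page. It assumes the `google-api-python-client` package and Application Default Credentials, and `SAMPLE_CLUSTERS`, `plan_remediation` and `remediate` are names chosen for this example. It goes slightly beyond the listed steps by skipping Dataplane V2 clusters and by enabling the network policy addon first when it is disabled.

```python
import time

# Constructed sample data in the JSON shape of the GKE v1 REST Cluster resource.
SAMPLE_CLUSTERS = [
    {"name": "legacy", "addonsConfig": {"networkPolicyConfig": {"disabled": True}}},
    {"name": "addon-only", "addonsConfig": {"networkPolicyConfig": {}}},
    {"name": "enforced", "networkPolicy": {"enabled": True, "provider": "CALICO"}},
    {"name": "dpv2", "networkConfig": {"datapathProvider": "ADVANCED_DATAPATH"}},
]

def plan_remediation(cluster):
    """Return the ordered API steps still needed to enforce NetworkPolicy."""
    if cluster.get("networkConfig", {}).get("datapathProvider") == "ADVANCED_DATAPATH":
        return []  # Dataplane V2 enforces NetworkPolicy natively
    if cluster.get("networkPolicy", {}).get("enabled"):
        return []  # already enabled
    addon = cluster.get("addonsConfig", {}).get("networkPolicyConfig")
    # Assumption: a missing addon entry is treated the same as a disabled one.
    needs_addon = addon is None or addon.get("disabled", False)
    return (["enable_addon"] if needs_addon else []) + ["enable_policy"]

def remediate(project_id, location):
    """List clusters in one zone/region and apply the planned steps."""
    # Imported here so plan_remediation works without the client library.
    from googleapiclient import discovery
    api = discovery.build("container", "v1").projects().locations()
    parent = f"projects/{project_id}/locations/{location}"
    calls = {
        "enable_addon": lambda n: api.clusters().update(name=n, body={"update": {
            "desiredAddonsConfig": {"networkPolicyConfig": {"disabled": False}}}}),
        "enable_policy": lambda n: api.clusters().setNetworkPolicy(name=n, body={
            "networkPolicy": {"enabled": True, "provider": "CALICO"}}),
    }
    for cluster in api.clusters().list(parent=parent).execute().get("clusters", []):
        name = f"{parent}/clusters/{cluster['name']}"
        for step in plan_remediation(cluster):
            op = calls[step](name).execute()
            # Each change is a long-running operation; finish it before the next.
            while op.get("status") != "DONE":
                time.sleep(10)
                op = api.operations().get(
                    name=f"{parent}/operations/{op['name']}").execute()
            if "error" in op:
                raise RuntimeError(f"{step} failed on {name}: {op['error']}")

if __name__ == "__main__":
    for c in SAMPLE_CLUSTERS:
        print(c["name"], plan_remediation(c))
```

Enabling enforcement on an existing cluster causes GKE to recreate its nodes, so run `remediate` in a maintenance window.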