Triage and Remediation
Remediation
Using Console
To remediate the misconfiguration of not using VPC-Native Clusters in GCP, you can follow the below steps using the GCP console:
- Open the GCP console and navigate to the Kubernetes Engine page.
- Select the cluster that you want to make VPC-native.
- Click on the “Edit” button at the top of the page.
- Scroll down to the “Networking” section and click on “Enable VPC-native (using alias IP)”.
- Select the VPC network that you want to use for your cluster.
- Select the subnet that you want to use for your cluster.
- Click on the “Save” button at the bottom of the page to apply the changes.
- Verify that the VPC-native configuration is applied by checking the “Networking” section of your cluster details page.
Using CLI
To remediate the misconfiguration “Ensure Use Of VPC-Native Clusters” for GCP using GCP CLI, follow the below steps:
- Open the GCP Cloud Shell.
- Run the following command to enable VPC-native clusters for the default network:
  Replace [CLUSTER_NAME] with the name of the cluster that you want to update and [ZONE] with the zone in which the cluster is located.
- Run the following command to verify that the VPC-native clusters are enabled:
  This command will display the IP allocation policy for the cluster. If the IP allocation policy is “Use IP aliases”, then VPC-native clusters are enabled.
- Repeat the above steps for all the GCP clusters in your environment.
Using Python
To remediate the misconfiguration “Ensure Use Of VPC-Native Clusters” for GCP using Python, you can follow the below steps:
- Install the necessary Python libraries:
- Authenticate with GCP using a service account:
- Import the necessary libraries:
- Get the list of existing clusters in the project:
- Check if each cluster is VPC-native or not:
- After running the script, all the clusters that are not VPC-native would be updated to use VPC-native.
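The check from the steps above, as an added example that is not the original page's script: it classifies each cluster in a listing by the `ipAllocationPolicy.useIpAliases` field of the GKE API Cluster resource and reports the clusters that are not VPC-native. The sample listing is constructed, and the `classify` and `audit` helper names are chosen for this example.

```python
import json

# Constructed sample shaped like a GKE API clusters.list response (the same
# Cluster objects appear in `gcloud container clusters list --format=json`).
# Every name and value here is made up for the example.
SAMPLE = """
{"clusters": [
  {"name": "prod-a", "location": "us-central1-a",
   "ipAllocationPolicy": {"useIpAliases": true,
                          "clusterSecondaryRangeName": "pods",
                          "servicesSecondaryRangeName": "services"}},
  {"name": "legacy-b", "location": "europe-west1-b",
   "ipAllocationPolicy": {"useRoutes": true}},
  {"name": "old-c", "location": "us-east1-b"}],
 "missingZones": ["asia-east1-a"]}
"""

def classify(cluster):
    """Return (is_vpc_native, reason) for one Cluster object."""
    policy = cluster.get("ipAllocationPolicy")
    if not policy:
        return False, "no ipAllocationPolicy in response"
    if policy.get("useIpAliases") is True:
        return True, "useIpAliases=true"
    if policy.get("useRoutes"):
        return False, "routes-based (useRoutes=true)"
    return False, "useIpAliases not set"

def audit(response):
    """Audit a parsed listing; accepts the API wrapper or a bare list."""
    if isinstance(response, dict):
        clusters = response.get("clusters", [])
        missing = response.get("missingZones", [])
    else:
        clusters, missing = response, []
    findings = []
    for c in clusters:
        ok, reason = classify(c)
        if not ok:
            ident = f"{c.get('location', '?')}/{c.get('name', '?')}"
            findings.append((ident, reason))
    # Zones the API could not reach are unknown, not compliant.
    return {"findings": findings, "complete": not missing,
            "checked": len(clusters)}

if __name__ == "__main__":
    report = audit(json.loads(SAMPLE))
    for ident, reason in report["findings"]:
        print(f"NOT VPC-NATIVE  {ident}: {reason}")
    if not report["complete"]:
        print("WARNING: listing incomplete; some zones were not checked")
```

A non-empty `missingZones` list means the listing did not cover every zone, so an empty findings list is only a pass when `complete` is true.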