Vendor services misconfigurations

GKE has Shielded nodes disabled

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Shielded GKE nodes protect clusters against boot-level or kernel-level malware and rootkits that persist beyond the infected OS. Shielded GKE nodes run firmware that is signed and verified using Google's Certificate Authority, ensuring that the nodes' firmware is unmodified and establishing the root of trust for Secure Boot. It was detected that {GcpGkeCluster} does not use shielded nodes.
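
One way to reproduce this check offline, as an added example that is not the rule's own implementation: it audits cluster JSON in the shape returned by gcloud container clusters list --format=json and goes one step beyond the rule by also reporting node pools with Secure Boot or integrity monitoring off. The sample clusters are constructed, and treating a missing field as disabled is an assumption.

```python
import json

# Constructed sample shaped like GKE API Cluster resources
# (cluster and pool names are made up for illustration).
SAMPLE_CLUSTERS_JSON = """
[
  {"name": "prod-a", "location": "us-central1",
   "shieldedNodes": {"enabled": true},
   "nodePools": [
     {"name": "default-pool", "config": {"shieldedInstanceConfig":
        {"enableSecureBoot": true, "enableIntegrityMonitoring": true}}},
     {"name": "batch-pool", "config": {"shieldedInstanceConfig":
        {"enableIntegrityMonitoring": true}}}]},
  {"name": "legacy-b", "location": "europe-west1-b",
   "shieldedNodes": {},
   "nodePools": [{"name": "default-pool", "config": {}}]},
  {"name": "dev-c", "location": "us-east1",
   "nodePools": [{"name": "pool-1", "config": {"shieldedInstanceConfig":
        {"enableSecureBoot": true, "enableIntegrityMonitoring": true}}}]}
]
"""

def audit_shielded_nodes(clusters):
    """Return (cluster, scope, finding) tuples for every weak setting found."""
    findings = []
    for cluster in clusters:
        name = cluster.get("name", "<unnamed>")
        # Assumption: a missing key or empty object means the feature is off.
        if not cluster.get("shieldedNodes", {}).get("enabled", False):
            findings.append((name, "cluster", "shielded nodes disabled"))
        for pool in cluster.get("nodePools", []):
            pool_name = pool.get("name", "<unnamed>")
            sic = pool.get("config", {}).get("shieldedInstanceConfig", {})
            if not sic.get("enableSecureBoot", False):
                findings.append((name, pool_name, "secure boot disabled"))
            if not sic.get("enableIntegrityMonitoring", False):
                findings.append((name, pool_name, "integrity monitoring disabled"))
    return findings

def load_and_audit(raw_json):
    """Parse a JSON array of clusters and audit it."""
    return audit_shielded_nodes(json.loads(raw_json))

if __name__ == "__main__":
    for cluster, scope, finding in load_and_audit(SAMPLE_CLUSTERS_JSON):
        print(f"{cluster}\t{scope}\t{finding}")
```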