GitHub
Join us on Slack
Join us on Discord
Ask on Stack Overflow
Search
⌃
K
Links
Introduction to OpenRewrite
Running Recipes
Authoring Recipes
Recipe catalog
Kotlin
Python
Analysis
CircleCI
Cloud suitability analyzer
Concourse
Cucumber
GitHub Actions
Hibernate
Java
Jenkins
Kubernetes
XML
Micrometer
Okio
OkHttp
Quarkus
Recommendations
Gradle
Maven
SQL
Static analysis and remediation
Terraform
Add Terraform configuration
Use a long enough byte length for random resources
AWS
Azure
GCP
Best practices for GCP
Enable PodSecurityPolicy controller on Google Kubernetes Engine (GKE) clusters
Enable VPC Flow Logs for subnetworks
Enable VPC flow logs and intranode visibility
Ensure GCP Kubernetes cluster node auto-repair configuration is enabled
Ensure GCP Kubernetes engine clusters have legacy compute engine metadata endpoints disabled
Ensure GCP VM instances have block project-wide SSH keys feature enabled
Ensure GCP cloud storage bucket with uniform bucket-level access are enabled
Ensure IP forwarding on instances is disabled
Ensure binary authorization is used
Ensure compute instances launch with shielded VM enabled
Ensure private cluster is enabled when creating Kubernetes clusters
Ensure secure boot for shielded GKE nodes is enabled
Ensure shielded GKE nodes are enabled
Ensure the GKE metadata server is enabled
Search
Core
Config
Search
Text
Groovy
Hcl
JSON
Properties
YAML
Changelog
Reference
Concepts & explanations
Powered By
GitBook
GCP
Composite Recipes
Recipes that include further recipes, often including the individual recipes below.
Best practices for GCP
Ensure secure boot for shielded GKE nodes is enabled
Ensure the GKE metadata server is enabled
Recipes
Enable
PodSecurityPolicy
controller on Google Kubernetes Engine (GKE) clusters
Enable VPC Flow Logs for subnetworks
Enable VPC flow logs and intranode visibility
Ensure GCP Kubernetes cluster node auto-repair configuration is enabled
Ensure GCP Kubernetes engine clusters have legacy compute engine metadata endpoints disabled
Ensure GCP VM instances have block project-wide SSH keys feature enabled
Ensure GCP cloud storage bucket with uniform bucket-level access are enabled
Ensure IP forwarding on instances is disabled
Ensure binary authorization is used
Ensure compute instances launch with shielded VM enabled
Ensure private cluster is enabled when creating Kubernetes clusters
Ensure shielded GKE nodes are enabled
Previous
Set Azure Storage Account default network access to deny
Next
Best practices for GCP
Last modified
1mo ago