February 10, 2025, Conformity—New Rules
GCP
- GKE-015: Disable Legacy Authorization: This rule ensures that legacy authorization (also known as Attribute-Based Access Control or ABAC) is disabled for your Google Kubernetes Engine (GKE) clusters to guarantee compatibility with Role-Based Access Control (RBAC).
- GKE-017: Enable Private Nodes: Ensure that your Google Kubernetes Engine (GKE) clusters are configured to provision all nodes with only internal IP addresses (i.e., private nodes).