Checklist Summary:

This document provides prescriptive guidance for running Google Kubernetes Engine (GKE) v1.27.3, 1.27.7 & 1.28.3 following recommended security controls. This benchmark only includes controls which can be modified by an end user of GKE. For information on GKE's performance against the Kubernetes CIS benchmarks, for items which cannot be audited or modified, see the GKE documentation at https://cloud.google.com/kubernetes-engine/docs/concepts/cis-benchmarks. For the latest GKE hardening guide, see g.co/gke/hardening. To obtain the latest version of this guide, please visit www.cisecurity.org. If you have questions, comments, or have identified ways to improve this guide, please write us at support@cisecurity.org.

Checklist Role:

• Virtualization Server

Known Issues:

Not provided.

Target Audience:

This document is intended for cluster administrators, security specialists, auditors, and any personnel who plan to develop, deploy, assess, or secure solutions that incorporate Google Kubernetes Engine (GKE).

Target Operational Environment:

• Managed
• Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not provided.

Regulatory Compliance:

Not provided.

Comments/Warnings/Miscellaneous:

Not provided.

Disclaimer:

Not provided.

Product Support:

Not provided.

Point of Contact:

support@cisecurity.org

Sponsor:

Not provided.

Licensing:

Not provided.

Change History:

new checklist - 2/28/24
updated status to FINAL - 3/28/24

Dependency/Requirements:

URL	Description

References:

Reference URL	Description

NIST checklist record last modified on 03/28/2024