Configure Audit in GKE

Time:01-04

How to pass on my own Kubernetes audit policy YAML to the GKE master node?

For self-managed Kubernetes, we can SSH into the master node and pass the policy YAML into /etc/kubernetes/manifests/kube-apiserver.yaml. How could we achieve the same in GKE?

CodePudding user response:

To create or update an audit policy, you have to set the --audit-policy-file and --audit-webhook-config-file flags as arguments to the API server.

Google manages the GKE master completely, and you cannot reach it or update it. Currently, it's impossible to update cluster networks and remove tags for existing clusters using the gcloud command. I have verified this information using the gcloud container clusters update command documentation.

Instead, you can filter the audit logs in the Cloud Console. The Logs page has two filtering interfaces: basic and advanced. For information about the two filtering interfaces, see Logs Viewer filter interfaces.

There is a feature request for it; check it, and raise a new request through the issue tracker if you need it.
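
Because the policy file cannot be changed on GKE, the selection an audit policy rule would express (resources, verbs, namespaces) can instead be applied to exported audit entries. The following is an added example, not part of the original answer: it assumes entries exported as JSON in the Cloud Audit Logs layout for GKE (resource.type "k8s_cluster", protoPayload.methodName such as io.k8s.core.v1.secrets.get), and the rule format, the helper names and the sample entries are constructed for illustration.

```python
import re

VERSION = re.compile(r"^v\d+((alpha|beta)\d+)?$")

def parse_method(method_name):
    """'io.k8s.core.v1.pods.exec.create' -> ('pods/exec', 'create'); None otherwise."""
    parts = method_name.split(".")
    idx = next((i for i, p in enumerate(parts) if VERSION.match(p)), None)
    if parts[:2] != ["io", "k8s"] or idx is None or len(parts) < idx + 3:
        return None
    return "/".join(parts[idx + 1:-1]), parts[-1]  # resource[/subresource], verb

def namespace_of(resource_name):
    """Namespace from 'core/v1/namespaces/<ns>/...'; None for cluster-scoped objects."""
    seg = resource_name.split("/")
    return seg[seg.index("namespaces") + 1] if "namespaces" in seg[:-1] else None

def select(entries, rules):
    """Return (principal, verb, resourceName) for entries matching any rule."""
    hits = []
    for e in entries:
        if e.get("resource", {}).get("type") != "k8s_cluster":
            continue  # not a GKE control-plane audit entry
        p = e.get("protoPayload", {})
        parsed = parse_method(p.get("methodName", ""))
        if not parsed:
            continue
        resource, verb = parsed
        ns = namespace_of(p.get("resourceName", ""))
        # A rule without "namespaces" matches every namespace and cluster scope.
        if any(resource in r["resources"] and verb in r["verbs"]
               and ns in r.get("namespaces", [ns]) for r in rules):
            who = p.get("authenticationInfo", {}).get("principalEmail")
            hits.append((who, verb, p.get("resourceName")))
    return hits

# Hypothetical rules, shaped after the fields of an audit policy rule.
RULES = [{"resources": {"secrets"}, "verbs": {"get", "list", "watch"}, "namespaces": ["prod"]},
         {"resources": {"pods/exec"}, "verbs": {"create"}},
         {"resources": {"clusterrolebindings"}, "verbs": {"create", "update", "patch"}}]

def entry(method, name, who, rtype="k8s_cluster"):
    return {"resource": {"type": rtype}, "protoPayload": {
        "methodName": method, "resourceName": name,
        "authenticationInfo": {"principalEmail": who}}}

SAMPLE = [  # constructed entries, not real logs
    entry("io.k8s.core.v1.secrets.get", "core/v1/namespaces/prod/secrets/db-password", "dev@example.com"),
    entry("io.k8s.core.v1.secrets.get", "core/v1/namespaces/dev/secrets/test", "dev@example.com"),
    entry("io.k8s.core.v1.pods.exec.create", "core/v1/namespaces/prod/pods/web-0/exec", "ops@example.com"),
    entry("io.k8s.core.v1.pods.list", "core/v1/namespaces/prod/pods", "ci@example.com"),
    entry("io.k8s.authorization.rbac.v1.clusterrolebindings.create",
          "rbac.authorization.k8s.io/v1/clusterrolebindings/temp-admin", "dev@example.com"),
    entry("v1.compute.instances.insert", "projects/example/zones/z/instances/vm", "ci@example.com", "gce_instance")]
```

Calling select(SAMPLE, RULES) keeps the prod secret read, the pod exec and the cluster role binding creation, and drops the rest.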
