Powerpipe Detection Mods →
Powerpipe Hub 
Hub
Mods
turbot/steampipe-mod-gcp-compliance
Overview
12Dashboards
536Benchmarks
201Queries
2Variables
GitHub

Control: GKE clusters with less than three nodes should have auto upgrade enabled

Description

This control ensures that clusters with less than three nodes should have auto upgrade enabled.

Usage

Run the control in your terminal:

powerpipe control run gcp_compliance.control.kubernetes_cluster_with_less_than_three_node_auto_upgrade_enabled

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run gcp_compliance.control.kubernetes_cluster_with_less_than_three_node_auto_upgrade_enabled --share

SQL

This control uses a named query:

select
  self_link resource,
  case
    when np -> 'management' -> 'autoUpgrade' = 'true' and current_node_count < 3 then 'alarm'
    else 'ok'
  end as status,
  title || ' has ' || current_node_count || ' node(s) with auto upgrade enabled.' as reason
  
  , location as location, project as project
from
  gcp_kubernetes_cluster,
  jsonb_array_elements(node_pools) as np;

Tags

category = Compliance
plugin = gcp
service = GCP/Kubernetes