Node should be shielded
| Severity | Exploitability | Providers | Categories |
|---|---|---|---|
| HIGH | LOW | Google Cloud Provider | DATA |
Description
Shielding is not enabled, so node integrity and identity cannot be asserted. Enabling shielded nodes ensures that:
- Every node is running in a Google data center
- Every node is part of the Managed Instance Group
- Running nodes are legitimate
Impact
| Potential data exposure | Visible in logs | User interaction required | Privileges required |
|---|---|---|---|
| True | False | False | False |
An attacker who exploits a vulnerability in a pod to exfiltrate node credentials could impersonate nodes, which can lead to a data leak. An attacker may also seek to alter the boot process to introduce persistent malware or rootkits.
Remediation guidelines
Enable shielded nodes following this documentation.
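The following audit script is an added example and is not part of this finding page or of any Google tooling. It evaluates the JSON that `gcloud container clusters describe <cluster> --format=json` returns, checking the cluster-level `shieldedNodes.enabled` flag and each node pool's `shieldedInstanceConfig` (`enableSecureBoot`, `enableIntegrityMonitoring`), which are the GKE API fields that back this control. The two cluster records embedded below are constructed sample input, not real clusters.

```python
"""Audit GKE cluster descriptions for shielded-node settings.

Added example, not part of the original finding page. Input is the JSON shape
produced by `gcloud container clusters describe --format=json` (a single object)
or `gcloud container clusters list --format=json` (a list of objects).
"""
import json
from typing import Any, Dict, List


def audit_cluster(cluster: Dict[str, Any]) -> List[str]:
    """Return human-readable findings for one cluster; an empty list means it passes."""
    findings: List[str] = []
    name = cluster.get("name", "<unnamed>")

    # Cluster-level switch: GKE only attests node identity (vTPM-backed) when this is on.
    shielded = cluster.get("shieldedNodes") or {}
    if not shielded.get("enabled", False):
        findings.append(f"{name}: shielded nodes are not enabled at the cluster level")

    # Per-pool options: Secure Boot guards the boot chain, integrity monitoring
    # reports boot measurements so a tampered node can be detected.
    for pool in cluster.get("nodePools") or []:
        pool_name = pool.get("name", "<unnamed-pool>")
        cfg = (pool.get("config") or {}).get("shieldedInstanceConfig") or {}
        if not cfg.get("enableSecureBoot", False):
            findings.append(f"{name}/{pool_name}: Secure Boot is disabled")
        if not cfg.get("enableIntegrityMonitoring", False):
            findings.append(f"{name}/{pool_name}: integrity monitoring is disabled")
    return findings


def audit_clusters_json(raw: str) -> Dict[str, List[str]]:
    """Parse describe/list output and audit every cluster it contains."""
    data = json.loads(raw)
    clusters = [data] if isinstance(data, dict) else data
    return {c.get("name", "<unnamed>"): audit_cluster(c) for c in clusters}


# Constructed sample: one compliant cluster and one that still uses the
# unshielded defaults (integrity monitoring on, Secure Boot off, no cluster flag).
SAMPLE_CLUSTERS = json.dumps([
    {
        "name": "prod-cluster",
        "shieldedNodes": {"enabled": True},
        "nodePools": [
            {"name": "default-pool",
             "config": {"shieldedInstanceConfig": {
                 "enableSecureBoot": True, "enableIntegrityMonitoring": True}}},
        ],
    },
    {
        "name": "legacy-cluster",
        "nodePools": [
            {"name": "default-pool",
             "config": {"shieldedInstanceConfig": {
                 "enableSecureBoot": False, "enableIntegrityMonitoring": True}}},
        ],
    },
])


def audit_sample() -> Dict[str, List[str]]:
    """Run the audit over the constructed sample (used by the self-check below)."""
    return audit_clusters_json(SAMPLE_CLUSTERS)


if __name__ == "__main__":
    for cluster_name, findings in audit_sample().items():
        status = "PASS" if not findings else "FAIL"
        print(f"[{status}] {cluster_name}")
        for finding in findings:
            print(f"    - {finding}")
```

To run it against real output, pipe `gcloud container clusters list --format=json` into `audit_clusters_json`. Once a cluster is flagged, the cluster-level setting is turned on with `gcloud container clusters update <cluster> --enable-shielded-nodes` (or `--enable-shielded-nodes` at create time); Secure Boot is a node-pool property, so existing pools must be recreated with `--shielded-secure-boot` for that part of the finding to clear.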