Agent Skillsgoogle/skills › gke-security

gke-security

GitHub

用于规划、配置和加固 Google Kubernetes Engine (GKE) 安全。涵盖工作负载身份联合、Secret Manager 集成、RBAC 强化、二进制授权、网络策略及 IAM 角色。适用于 GKE 集群安全设置、Workload Identity 配置及 RBAC 加固,不适用于通用网络路由。

skills/cloud/gke-security/SKILL.md google/skills

Trigger Scenarios

Securing GKE clusters Setting up Workload Identity Hardening RBAC configurations Configuring GKE secrets

Install

npx skills add google/skills --skill gke-security -g -y
More Options

Non-standard path

npx skills add https://github.com/google/skills/tree/main/skills/cloud/gke-security -g -y

Use without installing

npx skills use google/skills@gke-security

指定 Agent (Claude Code)

npx skills add google/skills --skill gke-security -a claude-code -g -y

安装 repo 全部 skill

npx skills add google/skills --all -g -y

预览 repo 内 skill

npx skills add google/skills --list

SKILL.md

Frontmatter
{
    "name": "gke-security",
    "metadata": {
        "category": "Security"
    },
    "description": "Plans, configures, and hardens Google Kubernetes Engine (GKE) security. Covers Workload Identity Federation, Secret Manager integration, RBAC hardening, Binary Authorization, Network Policies (Dataplane V2), Pod Security Standards, and IAM roles. Use when securing GKE clusters, setting up Workload Identity, hardening RBAC configurations, or configuring GKE secrets. Don't use for general network routing configuration (use gke-networking instead)."
}

GKE Security

This reference covers security configuration for GKE clusters. The golden path enforces a hardened security posture by default.

MCP Tools: get_cluster, check_k8s_auth, get_k8s_resource, apply_k8s_manifest, update_cluster

Golden Path Security Defaults

Setting Golden Path Value Day-0/1 Notes
workloadIdentityConfig.workloadPool <PROJECT>.svc.id.goog Day-0 Workload Identity Federation for Pods
secretManagerConfig.enabled true Day-1 Google Secret Manager integration
secretManagerConfig.rotationConfig enabled: true, rotationInterval: 120s Day-1 Automatic secret rotation
rbacBindingConfig.enableInsecureBindingSystemAuthenticated false Day-0 Blocks legacy system:authenticated bindings
rbacBindingConfig.enableInsecureBindingSystemUnauthenticated false Day-0 Blocks legacy system:unauthenticated bindings
nodeConfig.shieldedInstanceConfig.enableSecureBoot true Day-0 Verifiable boot integrity
nodeConfig.shieldedInstanceConfig.enableIntegrityMonitoring true Day-0 Runtime integrity checks
nodeConfig.workloadMetadataConfig.mode GKE_METADATA Day-0 Blocks legacy metadata API, enforces Workload Identity
Private cluster + Dataplane V2 settings See the gke-networking skill Day-0 Private nodes, private endpoint enforcement, ADVANCED_DATAPATH

Workload Identity Federation

Workload Identity is the recommended way for pods to access Google Cloud APIs. It eliminates the need for static service account keys.

Setup

# 1. Create a Google Service Account (GSA)
gcloud iam service-accounts create <GSA_NAME> \
  --project <PROJECT_ID> \
  --display-name "Workload Identity SA" \
  --quiet

# 2. Grant IAM roles to the GSA
gcloud projects add-iam-policy-binding <PROJECT_ID> \
  --member "serviceAccount:<GSA_NAME>@<PROJECT_ID>.iam.gserviceaccount.com" \
  --role "<ROLE>" \
  --quiet

# 3. Create Kubernetes Service Account (KSA)
kubectl create namespace <NAMESPACE>
kubectl create serviceaccount <KSA_NAME> --namespace <NAMESPACE>

# 4. Bind KSA to GSA
gcloud iam service-accounts add-iam-policy-binding \
  <GSA_NAME>@<PROJECT_ID>.iam.gserviceaccount.com \
  --role roles/iam.workloadIdentityUser \
  --member "serviceAccount:<PROJECT_ID>.svc.id.goog[<NAMESPACE>/<KSA_NAME>]" \
  --quiet

# 5. Annotate KSA
kubectl annotate serviceaccount <KSA_NAME> \
  --namespace <NAMESPACE> \
  iam.gke.io/gcp-service-account=<GSA_NAME>@<PROJECT_ID>.iam.gserviceaccount.com

See assets/workload-identity-pod.yaml for a test pod.

Verification

kubectl run workload-identity-test \
  --image=gcr.io/google.com/cloudsdktool/cloud-sdk:slim \
  --serviceaccount=<KSA_NAME> --namespace=<NAMESPACE> \
  --rm -it -- gcloud auth list --quiet

Secret Manager Integration

The golden path enables Secret Manager with automatic rotation. Secrets are synced to Kubernetes Secrets.

# Verify Secret Manager is enabled on cluster
gcloud container clusters describe <CLUSTER_NAME> --region <REGION> \
  --format="value(secretManagerConfig.enabled)" \
  --quiet

# Enable if not already (Day-1 change)
gcloud container clusters update <CLUSTER_NAME> --region <REGION> \
  --enable-secret-manager \
  --secret-manager-rotation-interval=120s \
  --quiet

Mounting Secrets via CSI Volume (Deployment Example)

Once the Secret Manager add-on is enabled, workloads can mount secrets as volumes using the Secrets Store CSI driver. This requires two steps:

  1. Define a SecretProviderClass to specify which secrets to retrieve from Secret Manager.
  2. Mount the volume in a Deployment referencing that class.

[!IMPORTANT] Production Best Practice: Always demonstrate workload integrations (like Secret Manager CSI) using production-standard Deployment manifests rather than raw Pod manifests.

Step 1: Create the SecretProviderClass

apiVersion: secrets-store.csi.x-k8s.io/v1
kind: SecretProviderClass
metadata:
  name: app-secrets-provider
  namespace: default
spec:
  provider: gke  # Identifies GKE managed provider
  parameters:
    secrets: |
      - resourceName: "projects/<PROJECT_ID>/secrets/db-password/versions/latest"
        fileName: "db-password.txt"

Step 2: Mount the secret in a Deployment

apiVersion: apps/v1
kind: Deployment
metadata:
  name: secure-app
  namespace: default
spec:
  replicas: 2
  selector:
    matchLabels:
      app: secure-app
  template:
    metadata:
      labels:
        app: secure-app
    spec:
      serviceAccountName: secure-ksa  # Must be bound to GSA with Secret Manager Secret Accessor role
      containers:
      - name: app
        image: <IMAGE>
        volumeMounts:
        - name: secrets-volume
          mountPath: "/var/secrets"
          readOnly: true
      volumes:
      - name: secrets-volume
        csi:
          driver: secrets-store.csi.k8s.io
          readOnly: true
          volumeAttributes:
            secretProviderClass: "app-secrets-provider"

RBAC Hardening

The golden path disables insecure legacy RBAC bindings that grant broad access to system:authenticated and system:unauthenticated groups.

# Verify insecure bindings are disabled
gcloud container clusters describe <CLUSTER_NAME> --region <REGION> \
  --format="yaml(rbacBindingConfig)" \
  --quiet

Best practices for RBAC:

  • Use namespace-scoped Roles over cluster-wide ClusterRoles
  • Bind to specific Groups or ServiceAccounts, never to system:authenticated
  • Audit permissions via MCP: check_k8s_auth(parent="...", verb="list", resourceType="pods", namespace="...") (or kubectl auth can-i --list --as=<user>)
  • Review bindings via MCP: get_k8s_resource(parent="...", resourceType="clusterrolebinding") (or kubectl get clusterrolebindings,rolebindings --all-namespaces)

See the gke-multitenancy skill for enterprise RBAC planning and https://docs.cloud.google.com/kubernetes-engine/docs/best-practices/rbac.md.txt

Binary Authorization

Not enabled in golden path by default but recommended for production image provenance:

# Enable Binary Authorization
gcloud container clusters update <CLUSTER_NAME> --region <REGION> \
  --binauthz-evaluation-mode=PROJECT_SINGLETON_POLICY_ENFORCE \
  --quiet

Network Policies

Dataplane V2 (golden path) provides built-in Network Policy enforcement. Apply default-deny per namespace:

# MCP (preferred)
apply_k8s_manifest(parent="...", yamlManifest="<contents of default-deny-netpol.yaml>")

# kubectl fallback
kubectl apply -f ./assets/default-deny-netpol.yaml -n <NAMESPACE>

GKE Sandbox (gVisor)

For running untrusted workloads in an isolated sandbox:

# Enable on cluster (Standard clusters)
gcloud container clusters update <CLUSTER_NAME> --region <REGION> --enable-gke-sandbox --quiet

# Use in pod spec
# Add: runtimeClassName: gvisor

Pod Security Standards (Golden Path)

Pod Security Standards define three profiles that restrict what pods can do. The restricted profile is the golden path default for production namespaces.

Profile Level Use Case
privileged Unrestricted System namespaces (kube-system),
: : : infrastructure controllers :
baseline Minimally restrictive Shared/dev namespaces, legacy apps
: : : being migrated :
restricted Golden path Production workloads -- blocks
: : : privilege escalation, host access, :
: : : root :

Enforce via namespace labels (Pod Security Admission):

apiVersion: v1
kind: Namespace
metadata:
  name: production
  labels:
    pod-security.kubernetes.io/enforce: restricted
    pod-security.kubernetes.io/warn: restricted
    pod-security.kubernetes.io/audit: restricted

Gradual rollout strategy:

  1. Start with warn + audit on existing namespaces to identify violations
  2. Fix non-compliant workloads (remove privileged, hostNetwork, root user, etc.)
  3. Enable enforce once all workloads pass

restricted blocks: running as root, privilege escalation, host networking/PID/IPC, host path volumes, and most capabilities. The golden path workload-identity-pod.yaml already complies.

Network Policy Logging (Recommended)

With Dataplane V2 (golden path), you can enable logging for Network Policy decisions. Not a golden path default -- recommended for security auditing.

gcloud container clusters update <CLUSTER_NAME> --region <REGION> \
  --enable-network-policy-logging \
  --quiet

This logs allowed and denied connections, useful for troubleshooting Network Policy rules and auditing traffic flows.

Common IAM Roles

The five most common predefined IAM roles for GKE:

Role Purpose When to Use
roles/container.admin Full control over Platform team admins
: : clusters and : managing cluster :
: : Kubernetes : lifecycle :
: : resources : :
roles/container.clusterAdmin Manage clusters but Cluster operators
: : not project-level : who create/delete :
: : IAM : clusters :
roles/container.developer Deploy workloads Application
: : (pods, services, : developers deploying :
: : deployments) : to existing clusters :
roles/container.viewer Read-only access to Monitoring,
: : clusters and : auditing, or :
: : Kubernetes : read-only dashboards :
: : resources : :
roles/container.clusterViewer List and get CI/CD pipelines that
: : cluster details : need cluster :
: : only : metadata :

Principle of least privilege: Start with roles/container.viewer or roles/container.developer and escalate only as needed. Avoid granting roles/container.admin broadly.

Service Accounts & Agents

  • GKE Service Agent (service-<PROJECT_NUMBER>@container-engine-robot.iam.gserviceaccount.com): Automatically created. Manages nodes, networking, and cluster operations on your behalf. Do not remove or modify its permissions.
  • Node Service Account: By default, nodes use the Compute Engine default service account. For production, create a dedicated SA with minimal permissions and assign it via node pool config.
  • Workload Identity: The recommended way for pods to access Google Cloud APIs. Maps a Kubernetes ServiceAccount to a Google IAM ServiceAccount — see Workload Identity setup above.

Cross-Service Authentication Patterns

Common patterns for granting GKE workloads access to other Google Cloud services:

# Grant a GKE workload access to Cloud Storage
gcloud projects add-iam-policy-binding <PROJECT_ID> \
  --member "serviceAccount:<GSA_NAME>@<PROJECT_ID>.iam.gserviceaccount.com" \
  --role "roles/storage.objectViewer" \
  --quiet

# Grant a GKE workload access to Cloud SQL
gcloud projects add-iam-policy-binding <PROJECT_ID> \
  --member "serviceAccount:<GSA_NAME>@<PROJECT_ID>.iam.gserviceaccount.com" \
  --role "roles/cloudsql.client" \
  --quiet

# Grant a GKE workload access to Pub/Sub
gcloud projects add-iam-policy-binding <PROJECT_ID> \
  --member "serviceAccount:<GSA_NAME>@<PROJECT_ID>.iam.gserviceaccount.com" \
  --role "roles/pubsub.subscriber" \
  --quiet

In all cases, the GSA must be bound to a KSA via Workload Identity (see setup above). The pod then uses the KSA to authenticate as the GSA.

Version History

  • aabe37a Current 2026-07-05 15:29

Same Skill Collection

skills/ads/data-manager-api/data-manager-api-audience-ingestion/SKILL.md
skills/ads/data-manager-api/data-manager-api-event-ingestion/SKILL.md
skills/ads/data-manager-api/data-manager-api-setup/SKILL.md
skills/ads/google-ads-api/google-ads-api-mcp-setup/SKILL.md
skills/ads/google-mobile-ads/google-mobile-ads-android-migrate-to-next-gen/SKILL.md
skills/ads/google-mobile-ads/google-mobile-ads-banner/SKILL.md
skills/ads/google-mobile-ads/google-mobile-ads-get-started/SKILL.md
skills/ads/google-mobile-ads/google-mobile-ads-interstitial/SKILL.md
skills/ads/google-mobile-ads/google-mobile-ads-rewarded/SKILL.md
skills/ads/interactive-media-ads/ima-sdk-basics/SKILL.md
skills/analytics/google-analytics-admin-api-basics/SKILL.md
skills/analytics/google-analytics-data-api-basics/SKILL.md
skills/cloud/agent-platform-endpoint-management/SKILL.md
skills/cloud/agent-platform-migrate-from-ai-studio/SKILL.md
skills/cloud/agent-platform-model-registry/SKILL.md
skills/cloud/agent-platform-prompt-management/SKILL.md
skills/cloud/agent-platform-rag-engine-management/SKILL.md
skills/cloud/agent-platform-skill-registry/SKILL.md
skills/cloud/agent-platform-tuning-management/SKILL.md
skills/cloud/agent-platform-tuning/SKILL.md
skills/cloud/alloydb-basics/SKILL.md
skills/cloud/bigquery-ai-ml/SKILL.md
skills/cloud/bigquery-basics/SKILL.md
skills/cloud/bigquery-bigframes/SKILL.md
skills/cloud/bigtable-basics/SKILL.md
skills/cloud/cloud-run-basics/SKILL.md
skills/cloud/detection-engineering-coverage-evaluation/SKILL.md
skills/cloud/firebase-basics/SKILL.md
skills/cloud/gcloud/SKILL.md
skills/cloud/gemini-agents-api/SKILL.md
skills/cloud/gemini-api/SKILL.md
skills/cloud/gemini-interactions-api/SKILL.md
skills/cloud/gke-app-onboarding/SKILL.md
skills/cloud/gke-backup-dr/SKILL.md
skills/cloud/gke-basics/SKILL.md
skills/cloud/gke-batch-hpc/SKILL.md
skills/cloud/gke-cluster-creation/SKILL.md
skills/cloud/gke-compute-classes/SKILL.md
skills/cloud/gke-cost/SKILL.md
skills/cloud/gke-golden-path/SKILL.md
skills/cloud/gke-inference/SKILL.md
skills/cloud/gke-multitenancy/SKILL.md
skills/cloud/gke-networking/SKILL.md
skills/cloud/gke-observability/SKILL.md
skills/cloud/gke-reliability/SKILL.md
skills/cloud/gke-scaling/SKILL.md
skills/cloud/gke-storage/SKILL.md
skills/cloud/google-cloud-networking-observability/SKILL.md
skills/cloud/google-cloud-recipe-auth/SKILL.md
skills/cloud/google-cloud-recipe-onboarding/SKILL.md
skills/cloud/google-cloud-waf-cost-optimization/SKILL.md
skills/cloud/google-cloud-waf-operational-excellence/SKILL.md
skills/cloud/google-cloud-waf-performance-optimization/SKILL.md
skills/cloud/google-cloud-waf-reliability/SKILL.md
skills/cloud/google-cloud-waf-security/SKILL.md
skills/cloud/google-cloud-waf-sustainability/SKILL.md
skills/cloud/iam-recommendations-fetcher/SKILL.md
skills/ads/google-ads-api/google-ads-api-quickstart/SKILL.md
skills/cloud/agent-platform-alert-configuration/SKILL.md
skills/cloud/agent-platform-deploy/SKILL.md
skills/cloud/agent-platform-eval-flywheel/SKILL.md
skills/cloud/agent-platform-inference/SKILL.md
skills/cloud/cloud-sql-basics/SKILL.md
skills/cloud/datalineage-bigquery-asset-impact-analysis/SKILL.md
skills/cloud/gke-upgrades/SKILL.md
skills/cloud/google-agents-cli-onboarding/SKILL.md
skills/cloud/google-cloud-recipe-foundation-builder/SKILL.md
skills/cloud/workload-manager-basics/SKILL.md

Metadata

Files
0
Version
aabe37a
Hash
521d23c4
Indexed
2026-07-05 15:29

Главная - Вики-сайт
Copyright © 2011-2026 iteam. Current version is 2.155.2. UTC+08:00, 2026-07-10 05:03
浙ICP备14020137号-1 $Гость$