gke/WARN/2023_001
Container File System has the required scopes for Image Streaming
Product: Google Kubernetes Engine
Rule class: WARN - Something that is possibly wrong
Description
Verify GKE nodes have the required scopes to use Image Streaming.
Remediation
You can use the following Cloud Logging filter to find matching log lines:
resource.type="k8s_node"
log_id("gcfsd")
jsonPayload.MESSAGE:"Request had insufficient authentication scopes"
To resolve this issue, add the devstorage.read_only scope to the cluster or node pool
Further information
See https://cloud.google.com/kubernetes-engine/docs/how-to/image-streaming#permissiondenied