gke/WARN/2022_002

GKE metadata concealment is not in use

Product: Google Kubernetes Engine
Rule class: WARN - Something that is possibly wrong

Description

Metadata concealment is scheduled to be deprecated and removed in the future. Workload Identity replaces the need to use metadata concealment and the two approaches are incompatible. It is recommended that you use Workload Identity instead of metadata concealment.

Remediation

Migrate your node pools with metadata concealment enabled to node pools with Workload Identity.

Further information

Metadata concealment
Workload Identity