This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
New SecOps Webinar May 14th! Learn about Gemini's generative AI within Google SecOps
Log in to ask a question

Vulnerability & Patch Management

Posted on 09-04-2024 06:21 AM
DrilonOsmani
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

We are currently experiencing an issue with our Airflow Composer service, which is managed by GCP and hosted in an Autopilot Kubernetes cluster. Specifically, we have identified some active vulnerabilities (GKE runtime OS vulnerabilities) associated with this service.

Given the nature of the Autopilot Kubernetes cluster, we are limited in our ability to directly modify the cluster, restricting us to initiating updates only. Despite multiple attempts to upgrade to the latest versions, including unstable versions of Airflow Composer, the vulnerabilities remain unresolved.

Could you please provide guidance or assistance in addressing these vulnerabilities? 

0 2 337
0 Likes
2 REPLIES 2

Posted on --/--/---- --:-- AM
vaskenh
Staff
Reply posted on --/--/---- --:-- AM

Hi @DrilonOsmani , have you already brought this up with GCP Support?  If not, I would suggest doing so for this scenario.  This particular forum is centered around Security Command Center (SCC), a separate offering in GCP.

0 Likes

Posted on --/--/---- --:-- AM
DrilonOsmani
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hi Vasken,
 
Yes i have tried GCP support, i thought someone of community might help with this scenario. 

0 Likes