Authorized networks permit allowlisting of specific CIDR ranges and allow IP addresses in those ranges to access the cluster master endpoint using HTTPS. GKE uses TLS and authentication to secure access to the cluster master endpoint from the public Internet enabling the flexibility to administer the cluster from anywhere. Using authorized networks, you will be able to restrict access to specified sets of IP addresses further.
We recommend you enable "master authorized networks" in GKE clusters.