diff --git a/README.md b/README.md
index 1135022..effb4c8 100644
--- a/README.md
+++ b/README.md
@@ -325,3 +325,45 @@ terraform {
   }
 }
 ```
+
+## Google Kubernetes Engine
+
+To run the kubernetes cluster on Google Kubernetes Engine, we use the [`google_container_cluster`](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster) resource to define the cluster configurations.
+
+> To provision a GKE cluster on Google Cloud, refer [here](https://learn.hashicorp.com/tutorials/terraform/gke?in=terraform/kubernetes&utm_source=WEBSITE&utm_medium=WEB_IO&utm_offer=ARTICLE_PAGE&utm_content=DOCS).
+> See the [Using GKE with Terraform](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/using_gke_with_terraform) guide for more information about using GKE with Terraform.
+
+Once the setup is configured, we need to connect to the bastion host in order to interact with the private GKE cluster. Follow the steps mentioned below in order to connect to the `bastion host` via your local terminal:
+
+- Install the google `gke-cloud-auth-plugin` locally:
+
+```bash
+gcloud components install gke-gcloud-auth-plugin
+```
+
+- Get the cluster configuration to be written into `~/.kube/config`:
+
+```bash
+gcloud container clusters get-credentials primary \
+    --region=<your-gke-region> \
+    --project=<your-gke-project-name>
+```
+
+- Connect to the tunnel via SSH:
+
+```bash
+ssh -i ~/.ssh/<private-key> <username>@<compute-instance-ip> -L 8888:127.0.0.1:8888 -N -q -f
+```
+
+- Configure `HTTPS_PROXY` to point to `localhost:8888`:
+
+```bash
+export HTTPS_PROXY=localhost:8888
+```
+
+- Confirm connection to the GKE cluster:
+
+```bash
+kubectl get all
+kubectl get ns
+```
diff --git a/modules/bastion/main.tf b/modules/bastion/main.tf
index 1ca4f38..23b5681 100644
--- a/modules/bastion/main.tf
+++ b/modules/bastion/main.tf
@@ -22,7 +22,7 @@ resource "google_compute_instance" "bastion" {
 
   metadata_startup_script = file("../modules/bastion/startup.sh")
 
-  // Allow the instance to be stopped by Terraform when updating configuration.
+  # Allow the instance to be stopped by Terraform when updating configuration.
   allow_stopping_for_update = true
   network_interface {
     subnetwork = var.subnet_name
@@ -39,9 +39,9 @@ resource "google_compute_instance" "bastion" {
     enable-oslogin : "TRUE"
   }
 
-  /* local-exec providers may run before the host has fully initialized.
-  However, they are run sequentially in the order they were defined.
-  This provider is used to block the subsequent providers until the instance is available. */
+  # local-exec providers may run before the host has fully initialized.
+  # However, they are run sequentially in the order they were defined.
+  # This provider is used to block the subsequent providers until the instance is available.
   #   provisioner "local-exec" {
   #     command = <<EOF
   #         READY=""
@@ -62,13 +62,13 @@ resource "google_compute_instance" "bastion" {
   #   }
 }
 
-// Allow access to the Bastion Host via SSH.
+# Allow access to the Bastion Host via SSH.
 resource "google_compute_firewall" "bastion-ssh" {
   name          = format("%s-bastion-ssh", var.vpc_name)
   network       = var.vpc_name
   direction     = "INGRESS"
   project       = var.project_id
-  source_ranges = ["0.0.0.0/0"] // TODO: Restrict further.
+  source_ranges = ["0.0.0.0/0"]
 
   allow {
     protocol = "tcp"
diff --git a/modules/k8s/main.tf b/modules/k8s/main.tf
index 9c94a44..7c1a8bc 100644
--- a/modules/k8s/main.tf
+++ b/modules/k8s/main.tf
@@ -30,7 +30,6 @@ resource "google_container_cluster" "my_gke" {
   }
 
   dynamic "master_authorized_networks_config" {
-    // TODO
     for_each = var.authorized_ipv4_cidr_block != null ? [var.authorized_ipv4_cidr_block] : []
     content {
       cidr_blocks {
@@ -81,7 +80,7 @@ resource "google_container_node_pool" "gke_linux_node_pool" {
   node_config {
     preemptible  = true
     machine_type = "e2-small"
-    image_type   = "COS_CONTAINERD" #containerd
+    image_type   = "COS_CONTAINERD"
 
     labels = {
       role    = "general"