Cloud function with public invoker privileges
GCP cloud function {GcpCloudFunction} was detected running with public invoker privileges, allowing any user on the internet to invoke the...
GCP cloud function {GcpCloudFunction} was detected running with public invoker privileges, allowing any user on the internet to invoke the...
The IAM database authentication feature is disabled for the RDS instance {AwsRdsDbInstance}. With the feature enabled, AWS RDS generates a...
Elastic Beanstalk (EB) allows you to deploy and manage an application without having to deal with the infrastructure that runs...
Every node stores its metadata on a metadata server. Some of this metadata, such as kubelet credentials and the VM...
Legacy Authorization, also known as Attribute-Based Access Control (ABAC) has been superseded by Role-Based Access Control (RBAC) and is not...
In a private cluster, the master node has two endpoints, a private and public endpoint. The private endpoint is the...
Orca has detected that the EKS node {K8sNode} has a public IP address. Disabling public IP addresses on cluster nodes...
Orca has detected that the EKS Cluster {AwsEksCluster} does not utilize Fargate in order to run its tasks. If you...
The EKS Cluster Service Account only requires pull access to containers to deploy onto Amazon EKS. Restricting permissions follows the...