Best practices

K8S API server configuration request-timeout is more the 60 seconds

Platform(s)

  • Non-platform specific

Compliance Frameworks

CCPA, CPRA, iso_27001_2022, iso_27002_2022, K8s CIS, K8s OWASP Top 10, NIST 800-171, NIST 800-190, NIST 800-53, PDPA, STIG K8s, UK Cyber Essentials

Description

Setting global request timeout allows extending the API server request timeout limit to a duration appropriate to the user's connection speed. setting this timeout limit to be too large can exhaust the API server resources making it prone to Denial-of-Service attack. Orca has detected that the '--request-timeout' parameter is set to more then 60 seconds.
Need help?

Get a free Security Risk Assessment. Start today

A screenshot of the Orca platform dashboard summarizing all of your cloud security risks

Personalized Demo

See Orca Security in Action

Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.

Get a Demo