Best practices

K8s etcd using plaintext communication

Platform(s)
  • Non-platform specific

Compliance Frameworks
  • CCPA
  • ,
  • CPRA
  • ,
  • iso_27001_2022
  • ,
  • iso_27002_2022
  • ,
  • K8s CIS
  • ,
  • K8s OWASP Top 10
  • ,
  • Mitre ATT&CK
  • ,
  • NIST 800-171
  • ,
  • NIST 800-190
  • ,
  • NIST 800-53
  • ,
  • PDPA
  • ,
  • STIG K8s
  • ,
  • UK Cyber Essentials

Description

etcd is a highly-available key value store used by Kubernetes deployments for persistent storage of all of its REST API objects. These objects are sensitive in nature and should be encrypted in transit. Orca has detected that etcd is not configured to use TLS encryption.