Network misconfigurations

ACK cluster with public endpoint


Alibaba Cloud Container Service for Kubernetes (ACK) is a managed service compatible with Kubernetes to help users manage their containerized applications. It was detected that the Kubernetes cluster {AliCloudAckCluster} is publicly accessible. Making your cluster private will make it inaccessible from the public internet. Nodes in a private cluster do not have public IP addresses. Therefore your workloads run in an environment that is isolated from the internet. Besides security, using a private cluster will also improve the network latency and may reduce the network costs, as Alibaba Cloud charges for communication with external IPs.