Network misconfigurations

ack cluster without network policy enabled

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

Alibaba Cloud Container Service for Kubernetes (ACK) is a managed service compatible with Kubernetes to help users manage their containerized applications. It was detected that the Kubernetes cluster {AliCloudAckCluster} doesn't have network policy enabled. Pods in a Kubernetes cluster can communicate with one another by default which poses risks in production environments. A network policy allows you to control how pod groups can communicate with one another and with other network endpoints. Note, Kubernetes network policies are supported only by the Terway network plugin.