Vendor services misconfigurations

AKS cluster is using publicly accessible nodes

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

It was detected that {AzureAksCluster} cluster has public nodes. Disabling public IP addresses on cluster nodes restricts access to only internal networks, forcing attackers to obtain local network access before attempting to compromise the underlying Kubernetes hosts.

  • Recommended Mitigation

    It is recommended to enable private access to Kubernetes Nodes in use by AKS. For more information see <a href="https://learn.microsoft.com/en-us/azure/aks/private-clusters" target="_blank" rel="noopener noreferrer">https://learn.microsoft.com/en-us/azure/aks/private-clusters</a>

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.