Suspicious activity

EKS Cluster with Persistence:Kubernetes/ContainerWithSensitiveMount GuardDuty Alert Found

Risk Level

Informational (4)

Compliance Frameworks


A container was launched with a configuration that included a sensitive host path with write access in the volumeMounts section. This makes the sensitive host path accessible and writable from inside the container.
  • Recommended Mitigation

    It is recommended to restrict the access to the cluster and attend any additional alerts linked to it.