EKS Kubernetes API server publicly accessible - Complete Cloud Security in Minutes - Orca Security

Network misconfigurations

EKS Kubernetes API server publicly accessible

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCPA
CPRA
Data Security Posture Management (DSPM) Best Practices
EKS CIS
GDPR
HITRUST
ISO 27701
ISO/IEC 27001
Mitre ATT&CK
NIST 800-171
NIST 800-190
NIST 800-53
Orca Best Practices
PDPA
UK Cyber Essentials

Description

The API server of {AwsEksCluster} is publicly accessible. This leaves the Kubernetes API server exposed to unauthorized access.

Recommended Mitigation

We recommend enable private access to the Kubernetes API server so that all communication between your nodes and the API server stays within your VPC. You can limit the IP addresses that can access your API server from the Internet, or completely disable Internet access to the API server.

See Orca in action

See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.