K8S API server authentication to kubelet endpoint is not set - Complete Cloud Security in Minutes - Orca Security

Authentication

K8S API server authentication to kubelet endpoint is not set

Risk Level

Informational (4)

Platform(s)

N/A

Compliance Frameworks

K8s CIS

Description

It was found that the authentication from the API server to the kubelet endpoints is not set. By default the server does not authenticate itself and its commands are treated anonymously.

Recommended Mitigation

It is recommended configure authentication to the endpoint by setting '--kubelet-client-certificate', '--kubelet-client-key' parameters.

See Orca in action

See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.