Best practices

K8S API server configuration does not use audit-log-path

Risk Level

Informational (4)

Platform(s)
  • N/A

Compliance Frameworks

Description

Auditing the Kubernetes API Server provides a security-relevant chronological set of records documenting the sequence of activities that have affected system by individual users, administrators or other components of the system. Even though currently, Kubernetes provides only basic audit capabilities, it should be enabled.
  • Recommended Mitigation

    It is recommended to set the '--audit-log-path' parameter in the configuration file to enable logging.