Auditing the Kubernetes API Server provides a security-relevant chronological set of records documenting the sequence of activities that have affected system by individual users, administrators or other components of the system. Even though currently, Kubernetes provides only basic audit capabilities, it should be enabled.
Recommended Mitigation
It is recommended to set the '--audit-log-path' parameter in the configuration file to enable logging.
Best practices
