K8S API server configuration etcd encryption is not configured

Best practices

K8S API server configuration etcd encryption is not configured

Platform(s)

Compliance Frameworks

CCPA
CPRA
iso_27001_2022
iso_27002_2022
K8s CIS
K8s OWASP Top 10
Mitre ATT&CK
NIST 800-171
NIST 800-190
NIST 800-53
PDPA
UK Cyber Essentials

Description

etcd is a highly-available key value store used by Kubernetes deployments for persistent storage of all of its REST API objects. These objects are sensitive in nature and should be protected by client authentication. This requires the API server to identify itself to the etcd server using a client certificate and key. Orca has detected that the '--etcd-certfile' or '--etcd-keyfile' are not set to a valid cert and key files.

Demo the Orca Platform-> In just 10 minutes, you’ll see how Orca Security can revolutionize your cloud security strategy. Watch a recorded demo from a cloud security expert now.

K8S API server configuration etcd encryption is not configured

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS