Best practices

K8S API server configuration request-timeout is more the 60 seconds

Risk Level

Informational (4)

Platform(s)
  • N/A

Compliance Frameworks

Description

Setting global request timeout allows extending the API server request timeout limit to a duration appropriate to the user's connection speed. setting this timeout limit to be too large can exhaust the API server resources making it prone to Denial-of-Service attack. Orca has detected that the '--request-timeout' parameter is set to more then 60 seconds.
  • Recommended Mitigation

    It is recommended to set the '--request-timeout' parameter in the configuration file to be less then 60 seconds.