Best practices

K8S API server configuration without EventRateLimit admissions control plugin

Risk Level

Informational (4)

Platform(s)
  • N/A

Compliance Frameworks

Description

It was found that the API server configuration admission control plugins parameter does not include 'EventRateLimit'. An admission controller is a code which being executed after the request authentication and authorization in order to validate it or change it. The EventRateLimit plugin mitigates api server flooding by setting a rate limit.
  • Recommended Mitigation

    It is recommended to include the EventRateLimit plugin in the '--enable-admission-plugins' parameter and configure a rate limit.