Best practices

K8s etcd using plaintext communication

Risk Level

Informational (4)

  • N/A


etcd is a highly-available key value store used by Kubernetes deployments for persistent storage of all of its REST API objects. These objects are sensitive in nature and should be encrypted in transit. Orca has detected that etcd is not configured to use TLS encryption.
  • Recommended Mitigation

    It is recommended to follow the etcd service documentation and configure TLS encryption, and edit the etcd pod specification file accordingly.