Kubernetes Controller Manager --root-ca-file argument is not set as appropriate

Best practices

Kubernetes Controller Manager –root-ca-file argument is not set as appropriate

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

CCPA
CPRA
ISO/IEC 27001
K8s CIS
Mitre ATT&CK
NIST 800-171
NIST 800-190
NIST 800-53
PDPA
STIG K8s
UK Cyber Essentials

Description

It was found that the argument --root-ca-file in the Controller Manager configuration file is not set as appropriate. This argument contains the path to the certificate file used for API server connection needed for relevant proccesses. Connection established without verifying the certificate could be subject to Man In the Middle attacks.

Recommended Mitigation

It is recommended to edit the Controller Manager configuration file on the master node and set the path to the certificate bundle file as a parameter to the --root-ca-file argument.

Kubernetes Controller Manager –root-ca-file argument is not set as appropriate

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS