Kubernetes Controller Manager RotateKubeletServerCertificate argument is not set to true

Best practices

Kubernetes Controller Manager RotateKubeletServerCertificate argument is not set to true

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

CCPA
CPRA
ISO/IEC 27001
K8s CIS
NIST 800-171
NIST 800-190
NIST 800-53
PDPA
UK Cyber Essentials

Description

It was found that the argument RotateKubeletServerCertificate under --feature-gate in the Controller Manager configuration file is not set to true. In case Kubelets get their certificates from the API server, this argument helps both requesting a serving certificate after bootstrapping and rotate their client credentials.

Recommended Mitigation

It is recommended to edit the Controller Manager configuration file on the master node and set the value ""True"" to the --feature-gates=RotateKubeletServerCertificate argument.

Kubernetes Controller Manager RotateKubeletServerCertificate argument is not set to true

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS