Kubernetes Controller Manager -service-account-private-key-file argument is not set as appropriate - Complete Cloud Security in Minutes - Orca Security

Best practices

Kubernetes Controller Manager –service-account-private-key-file argument is not set as appropriate

Risk Level

Informational (4)

Platform(s)

N/A

Compliance Frameworks

K8s CIS

Description

It was found that the argument --service-account-private-key-file in the Controller Manager configuration file is not set as appropriate. This argument should refer to the the private key file so the key could be rotated as needed.

Recommended Mitigation

It is recommended to edit the Controller Manager configuration file on the master node and set the name of the private key file as a parameter to the --service-account-private-key-file argument.

See Orca in action

See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.