Workload misconfigurations

Kubernetes node’s Kube-Proxy configuration file owner is not root

Risk Level

Informational (4)

  • N/A


The kube-proxy kubeconfig file controls various parameters of the kube-proxy service in the worker node. Orca has detected that the kube-proxy's kubeconfig file owner on {K8sNode.Vm} is set to {Vm.K8sKubeProxyConfigs.ConfigFile.Group}:{Vm.K8sKubeProxyConfigs.ConfigFile.UserName}. The file should be owned by root:root.
  • Recommended Mitigation

    Consider setting {K8sNode}'s Kube-Proxy kubeconfig file owner to the root user.