Kubernetes node's kubelet configuration file owner is not root

Workload misconfigurations

Kubernetes node’s kubelet configuration file owner is not root

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

AKS CIS
CCPA
CPRA
EKS CIS
ISO/IEC 27001
K8s CIS
K8s OWASP Top 10
Mitre ATT&CK
NIST 800-171
NIST 800-190
NIST 800-53
PDPA
STIG K8s
UK Cyber Essentials

Description

The kubeconfig file for kubelet controls various parameters for the kubelet service in the worker node. Orca has detected that the kubelet's kubeconfig file owner on {K8sNode.Vm} is set to {Vm.K8sKubeletKubeConfigs.ConfigFile.Group}:{Vm.K8sKubeletKubeConfigs.ConfigFile.UserName}. The file should be owned by root:root.

Recommended Mitigation

Set {K8sNode}'s Kubelet kubeconfig file owner to the root user.

Kubernetes node’s kubelet configuration file owner is not root

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS