Workload misconfigurations

Kubernetes node’s kubelet configuration file owner is not root


The kubeconfig file for kubelet controls various parameters for the kubelet service in the worker node. Orca has detected that the kubelet's kubeconfig file owner on {K8sNode.Vm} is set to {Vm.K8sKubeletKubeConfigs.ConfigFile.Group}:{Vm.K8sKubeletKubeConfigs.ConfigFile.UserName}. The file should be owned by root:root.
  • Recommended Mitigation

    Set {K8sNode}'s Kubelet kubeconfig file owner to the root user.