Network misconfigurations

ACK cluster without network policy enabled

Platform(s)
Compliance Frameworks

AliCloud CIS, CCPA, cis_8, CPRA, ISO 27701, iso_27001_2022, iso_27002_2022, mpa, New Zealand Information Security Manual, NIST 800-171, NIST 800-190, NIST 800-53, PDPA

Description

Alibaba Cloud Container Service for Kubernetes (ACK) is a managed service compatible with Kubernetes to help users manage their containerized applications. It was detected that the Kubernetes cluster {AliCloudAckCluster} doesn't have network policy enabled. Pods in a Kubernetes cluster can communicate with one another by default which poses risks in production environments. A network policy allows you to control how pod groups can communicate with one another and with other network endpoints. Note, Kubernetes network policies are supported only by the Terway network plugin.
Need help?

Get a free Security Risk Assessment. Start today

A screenshot of the Orca platform dashboard summarizing all of your cloud security risks

Personalized Demo

See Orca Security in Action

Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.

Get a Demo