Network misconfigurations

Old version of vpc-cni installed on EKS cluster

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

CNI is a specification and libraries for writing plugins to configure network interfaces in Linux containers. Kubernetes network policies are enforced by the CNI plugin in use. As such it is important to ensure that the CNI plugin supports both Ingress and Egress network policies. Orca has detected that ""vpc-cni"" is in use in {AwsEksCluster}, and is not in up-to-date.
  • Recommended Mitigation

    Update the ""vpc-cni"" addon in {AwsEksCluster} to the latest version.