Kubernetes >

Etcd Remote Write Access Event

CRITICAL

Source

Kube Hunter

KHV031

kubernetes

Etcd Remote Write Access Event

Etcd (Kubernetes' Database) is writable without authentication. This gives full control of your Kubernetes cluster to an attacker with access to etcd.

Recommended Actions

Ensure your etcd is accepting connections only from the Kubernetes API, using the --trusted-ca-file etcd flag. This is usually done by the installer, or cloud platform.

Links

etcd - Transport security model
Operating etcd clusters for Kubernetes - Securing etcd clusters

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.