Etcd is accessible using insecure connection (HTTP)

HIGH
Source
Kube Hunter
ID
KHV034

Etcd is accessible using insecure connection (HTTP)

The etcd server (Kubernetes database) port is accessible over plain HTTP, and therefore unencrypted and potentially insecured.

Ensure your setup is exposing etcd only on an HTTPS port by using the etcd flags --key-file and --cert-file.