Skip to content

Kubernetes: Security - which pods can access API server #45

New issue
New issue
Open
Open
Kubernetes: Security - which pods can access API server#45
Milestone
 
Infracheck 3.0 "Wheelwright"
@blackandred

Description

@blackandred
blackandred
opened on Jun 13, 2022

Check that should scan all pods -> their service accounts and identify if they can access API server resources (leading to leaking access to API server in case of compromising a Kubernetes node)

There could be two variants:

  • Alert if given cluster node has API key
  • Alert if given pods are having API keys

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions