Note: this control relevant for cloud managed Kubernetes cluster
ArmoBest, MITRE, NSA, AllControls
etcd is a consistent and highly-available key value store used as Kubernetes' backing store for all cluster data. All object data in Kubernetes, like secrets, are stored there. This is the reason why it is important to protect the contents of etcd and use its data encryption feature.
Reading the cluster description from the managed cloud API (EKS, GKE), or the API server pod configuration for native K8s and checking if etcd encryption is enabled
Turn on the etcd encryption in your cluster, for more see the vendor documentation.
Updated 15 days ago