C-0088 - RBAC enabled

Prerequisites

Integrate with cloud provider (see here)

Framework

cis-aks-t1.2.0, ClusterScan, AllControls

Severity

High

Description of the the issue

RBAC is the most advanced and well accepted mode of authorizing users of the Kubernetes API

Related resources

Pod

What does this control test

Testing API server or managed Kubernetes vendor API to determine if RBAC is enabled

Remediation

Enable RBAC either in the API server configuration or with the Kubernetes provider API

Example

No example