C-0104 - Ensure that the admin.conf file permissions are set to 600
Run Kubescape with host sensor (see here)
Description of the the issue
admin.conf is the administrator kubeconfig file defining various settings for the administration of the cluster. This file contains private key and respective certificate allowed to fully manage the cluster. You should restrict its file permissions to maintain the integrity and confidentiality of the file. The file should be readable and writable by only the administrators on the system.
What does this control test
Ensure that the
admin.conf file has permissions of
How to check it manually
Run the following command (based on the file location on your system) on the Control Plane node. For example,
stat -c %a /etc/kubernetes/admin.conf
Verify that the permissions are
600 or more restrictive.
Run the below command (based on the file location on your system) on the Control Plane node. For example,
chmod 600 /etc/kubernetes/admin.conf
By default, admin.conf has permissions of
Updated 10 days ago