C-0257 - Workload with PVC access

Framework

security, WorkloadScan

Severity

Medium

Description of the the issue

This control detects workloads that have mounted PVC. Workloads with PVC access can potentially expose sensitive information and elevate the risk of unauthorized access to critical resources.

Related resources

ConfigMap, CronJob, DaemonSet, Deployment, Job, Pod, ReplicaSet, StatefulSet

What does this control test

Check if any workload has mounted PVCs by inspecting their specifications and verifying if PVC volumes are defined

Remediation

Review the workloads identified by this control and assess whether it's necessary to mount these PVCs. Remove PVC access from workloads that don't require it or ensure appropriate access controls are in place to protect sensitive information.

Example

No example