Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Kubernetes API server security #32

Open
lzianekhodja-aneo opened this issue Jun 22, 2023 · 1 comment
Open

Kubernetes API server security #32

lzianekhodja-aneo opened this issue Jun 22, 2023 · 1 comment
Assignees
@lzianekhodja-aneo
Labels
Support

Comments

@lzianekhodja-aneo
Copy link
Contributor

lzianekhodja-aneo commented Jun 22, 2023
edited
Loading

SSL/TLS: Known Untrusted / Dangerous Certificate Authority (CA) Detection on 6443/tcp and 8443/tcp
@lzianekhodja-aneo lzianekhodja-aneo self-assigned this Jun 22, 2023
@lzianekhodja-aneo
Copy link
Contributor Author

Response:

Activate TLSv1.3 and cipher suite EECDH+AESGCM:EECDH+AES256 on Kubernetes

AWS EKS is a managed kubernetes offering. Kubernetes control plane components such as API Server, ETCD are installed, managed and upgraded by AWS. Hence you can neither see these components nor can exec into these components.

In EKS, the kube-controller-manager is managed by AWS (along with the other components) and you cannot modify its parameters. So, in AWS EKS you can only play with the worker nodes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lzianekhodja-aneo lzianekhodja-aneo

Labels
Support
Projects
ArmoniK
Archived in project
Milestone
No milestone
Development

No branches or pull requests
1 participant
@lzianekhodja-aneo