An EKS Cluster's Kubelet configuration file should disable anonymous requests
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。
Description
Disable anonymous requests to the Kubelet server. You should rely on authentication to authorize access and disallow anonymous requests to prevent unwanted actions in your cluster.
Choose a remediation method from below. For both steps, a restart of the Kubelet service is required.
Kubelet config file
- Add the json below to this file:
/etc/kubernetes/kubelet/kubelet-config.json
"authentication": { "anonymous": { "enabled": false } }
Executable arguments
- Edit the kubelet service file on each worker node and ensure the below parameters are part of the
KUBELET_ARGS variable string.
