API server should have the anonymous-auth argument set to false

Set up the kubernetes integration.

Description

Anonymous requests to the kubelet server should be disabled. When enabled, requests that are not rejected by other configured authentication methods are treated as anonymous requests. These requests are then served by the kubelet server.

Remediation

  1. If using a kubelet config file, edit the file to set authentication: anonymous:enabled to authentication: anonymous:false.

  2. If using executable arguments, edit the kubelet service file /etc/systemd/system/kubelet.service.d/10-kubeadm.conf on each worker node and set the below parameter in the KUBELET_SYSTEM_PODS_ARGS variable:

--anonymous-auth=false
  1. Restart the kubelet service.