1.2.4 Ensure that the --kubelet-https argument is set to true

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version


Use https for kubelet connections.


Connections from apiserver to kubelets could potentially carry sensitive data such as secrets and keys. It is thus important to use in-transit encryption for any communication between the apiserver and kubelets.


You require TLS to be configured on apiserver as well as kubelets.


Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the master node and remove the --kubelet-https parameter.

Default Value:

By default, kubelet connections are over https.

See Also