Information
Ensure that the admin.conf file (and super-admin.conf file, where it exists) have permissions of 600.
Rationale:
As part of initial cluster setup, default kubeconfig files are created to be used by the administrator of the cluster. These files contain private keys and certificates which allow for privileged access to the cluster. You should restrict their file permissions to maintain the integrity and confidentiality of the file(s). The file(s) should be readable and writable by only the administrators on the system.
Impact:
None.
Solution
Run the below command (based on the file location on your system) on the Control Plane node. For example,
chmod 600 /etc/kubernetes/admin.conf
On Kubernetes 1.29+ the super-admin.conf file should also be modified, if present. For example,
chmod 600 /etc/kubernetes/super-admin.conf
Default Value:
By default, admin.conf and super-admin.conf have permissions of 600.