Ensure latest version of Azure Kubernetes Cluster is in use

MEDIUM

Description

Running an older or unpatched version of Azure Kubernetes Cluster can leave the cluster exposed to a host of known vulnerabilities that newer versions have already fixed.

Remediation

In the Azure Console:

  1. Open the Azure Portal and go to Kubernetes Services.
  2. Choose the cluster you wish to edit.
  3. Under Settings, choose Cluster configuration.
  4. For Kubernetes Version, select Upgrade version.

In Terraform:

  1. In the azurerm_kubernetes_cluster resource, set kubernetes_version to the latest version.
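
One way to apply the Terraform step without hard-coding a version number, shown as an added example that is not part of the original policy text: the azurerm_kubernetes_service_versions data source looks up the newest non-preview release for the region and feeds it into kubernetes_version. Resource names, location, node count and VM size are assumptions; credentials and the subscription are expected to come from the environment.

```hcl
# Added example: all names, the location and the sizes are assumed values.
terraform {
  required_providers {
    azurerm = {
      source = "hashicorp/azurerm"
    }
  }
}

provider "azurerm" {
  features {}
}

resource "azurerm_resource_group" "example" {
  name     = "example-aks-rg"
  location = "West Europe"
}

# Ask Azure which Kubernetes versions AKS currently offers in this region.
data "azurerm_kubernetes_service_versions" "current" {
  location        = azurerm_resource_group.example.location
  include_preview = false # ignore preview releases
}

resource "azurerm_kubernetes_cluster" "example" {
  name                = "example-aks"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  dns_prefix          = "exampleaks"

  # Control plane version: newest generally available release in the region.
  kubernetes_version = data.azurerm_kubernetes_service_versions.current.latest_version

  default_node_pool {
    name       = "default"
    node_count = 1
    vm_size    = "Standard_D2s_v3"

    # Keep the node pool on the same version as the control plane,
    # otherwise the nodes stay on the older release.
    orchestrator_version = data.azurerm_kubernetes_service_versions.current.latest_version
  }

  identity {
    type = "SystemAssigned"
  }
}
```

The lookup is re-evaluated on every plan, so a new AKS release appears as an in-place version change in the next terraform plan. AKS does not allow skipping minor versions during an upgrade, so a cluster that is several releases behind has to be stepped up one minor version at a time.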

References:
https://learn.microsoft.com/en-us/azure/aks/auto-upgrade-cluster
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/kubernetes_cluster#kubernetes_version

Policy Details

Rule Reference ID: AC_AZURE_0281
CSP: Azure
Remediation Available: Yes
Resource Category: Compute

Frameworks