Detections
Analytics
Ensure Kubernetes Network policy does not allow ingress from public IPs to access sql servers
HIGH
Description
Configuring your Kubernetes Network policy ingress from public IPs address for port '3306' can allow anonymous/malicious outside traffic to connect to SQL specific workloads running inside your cluster.
Remediation
To ensure outside malicious traffic is not allowed to connect to SQL specific workload inside your Kubernetes cluster, then configure your Kubernetes Network policy for port '3306' to allow from pods internally.
Policy Details
Rule Reference ID: AC_K8S_0016
CSP: Kubernetes
Remediation Available: No
Domain: Infrastructure Security
Resource: kubernetes_network_policies
Resource Category: Virtual Network
Resource Type: Network Policies