Detections
Analytics

Ensure Kubernetes Network policy does not allow ingress from public IPs to SSH

HIGH

Description

Configuring your Kubernetes Network policy ingress from public IPs address for port '22' can allow anonymous/malicious outside traffic to make SSH with the workload running inside your cluster.

Remediation

To ensure outside malicious traffic is not allowed to create SSH connections inside your Kubernetes cluster, then configure your Kubernetes Network policy for port '22' to allow from pods internally.

Policy Details

Rule Reference ID: AC_K8S_0015
CSP: Kubernetes
Remediation Available: No
Domain: Infrastructure Security
Resource: kubernetes_network_policies
Resource Category: Virtual Network
Resource Type: Network Policies

Frameworks