Detections
Analytics

Ensure readiness probe is configured for containers in all Kubernetes workloads

LOW

Description

Having a readiness probe configured will help ensure that a container is functional throughout the container lifecycle. If the workload is not showing as ready in accordance with the probe, traffic will not be sent to it. This helps reduce errors and can provide stability. For more information on readiness probes, see the Kubernetes documentation.
References:
https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/

Remediation

Numerous resource kinds can use use readiness probes in Kubernetes. To add a readiness probe, configure a readinessProbe section within the spec.containers section for the specific kind. To learn more about how to configure a readiness probe and all of the necessary components, see the Kubernetes documentation.

References:
https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/

Policy Details

Rule Reference ID: AC_K8S_0072
CSP: Kubernetes
Remediation Available: No
Domain: Security Best Practices
Resource: kubernetes_pod
Resource Category: Compute
Resource Type: Pod

Frameworks