An EKS Cluster's Kubelet should have the eventRecordQPS entry set

This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Description

Security relevant information should be captured. The eventRecordQPS setting in the Kubelet configuration controls the rate at which events are recorded, limiting the maximum number of events created per second. Setting this value too low may result in important events not being logged. Conversely, setting it to 0 (unlimited) could lead to a denial of service on the Kubelet.

Remediation

Choose a remediation method from below. For both steps, a restart of the Kubelet service is required.

Kubelet config file

  1. Add the json below to this file: <path-to-file>/10-kubeadm.conf
"eventRecordQPS": <integer>

Note: The default value is 50. The recommended value is 0 for unlimited.

Executable arguments

Note: The executable argument has been deprecated for this feature.

PREVIEWING: Cyril-Bouchiat/add-vm-package-explorer-doc