The Kubernetes API server secure port should be enabled

Documentos > Datadog Security > OOTB Rules > The Kubernetes API server secure port should be enabled

Set up the kubernetes integration.

This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Description

The secure port should not be disabled. The secure port is used to serve https with authentication and authorization. If you disable it, no https traffic is served and all traffic is served unencrypted.

Remediation

Edit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the master node, and either remove the --secure-port parameter or set it to a different (non-zero) desired port. For example, --secure-port=6443 which is also the default value.