Ensure the --secure-port argument is not set to 0

Error: The --secure-port argument is set to 0

Bridgecrew Policy ID: BC_K8S_65
Checkov Check ID: CKV_K8S_89
Severity: LOW

The --secure-port argument is set to 0

Description

Do not disable the secure port. The secure port is used to serve https with authentication and authorization. If you disable it, no https traffic is served and all traffic is served unencrypted.

Fix - Buildtime

Kubernetes

  • Kind: Pod
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: null
  labels:
    component: kube-apiserver
    tier: control-plane
  name: kube-apiserver
  namespace: kube-system
spec:
  containers:
  - command:
+   - kube-apiserver
+   - --secure-port=80
    image: gcr.io/google_containers/kube-apiserver-amd64:v1.6.0
    ...