Skip to main content

Leaving public access open exposes your service to the internet

  • GG_ID: GG_IAC_0022
  • Severity: MEDIUM
  • Complexity: LOW
  • Categories: NETWORK
  • Providers: AWS
  • Potential data exposure: False
  • Visible in logs: True
  • User interaction required: False
  • Privileges required: False

Description#

The access endpoint of an EKS cluster is used to communicate and interact with the cluster (such as when using kubectl).

Leaving the endpoint exposed to the internet can allow an attacker to perform distributed denial of service (DDoS) attacks on the service. In case other vulnerabilities are also present in the service, this would facilitate their exploitation.

Impact#

  • Denial of service.
  • Could enable to exploit vulnerabilities in the cluster.

Remediation guidelines#

Disable public access.

External documentation#