- GG_ID: GG_IAC_0024
- Severity: HIGH
- Complexity: LOW
- Categories: NETWORK
- Providers: AWS
- Potential data exposure: False
- Visible in logs: True
- User interaction required: False
- Privileges required: False
The API server of an AKS cluster is used to communicate and interact with the cluster (such as when using kubectl).
Leaving the API server exposed to the whole internet can allow an attacker to perform distributed denial of service (DDoS) attacks on the service. In case other vulnerabilities are also present in the service, this would facilitate their exploitation.
- Denial of service.
- Could enable to exploit vulnerabilities in the cluster.
Restrict access to a limited IP range.