Service Type is NodePort

  • Query id: 845acfbe-3e10-4b8e-b656-3b404d36dfb2
  • Query name: Service Type is NodePort
  • Platform: Kubernetes
  • Severity: Low
  • Category: Networking and Firewall
  • CWE: 665
  • URL: Github

Description

Service type should not be NodePort
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - yaml file
apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  type: NodePort
  selector:
    app: MyApp
  ports:
    - port: 80
      targetPort: 80
      nodePort: 30007

Code samples without security vulnerabilities

Negative test num. 1 - yaml file
apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  selector:
    app: MyApp
  ports:
    - protocol: TCP
      port: 80
      targetPort: 9376
  clusterIP: 10.0.171.239
  type: LoadBalancer
status:
  loadBalancer:
    ingress:
    - ip: 192.0.2.127