AKS Private Cluster Disabled
- Query id: 599318f2-6653-4569-9e21-041d06c63a89
- Query name: AKS Private Cluster Disabled
- Platform: Terraform
- Severity: Medium
- Category: Insecure Configurations
- CWE: 732
- URL: Github
Description¶
Azure Kubernetes Service (AKS) API should not be exposed to the internet
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - tf file
resource "azurerm_kubernetes_cluster" "positive1" {
name = "example-aks1"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
dns_prefix = "exampleaks1"
private_cluster_enabled = false
}
Positive test num. 2 - tf file
resource "azurerm_kubernetes_cluster" "positive2" {
name = "example-aks1"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
dns_prefix = "exampleaks1"
}