Kube-hunter hunts for security weaknesses in Kubernetes clusters
View the Project on GitHub aquasecurity/kube-hunter
Etcd (Kubernetes’ Database) is accessible without authentication. This exposes the entire state of your Kubernetes cluster to the reader.
Ensure your etcd is accepting connections only from the Kubernetes API, using the --trusted-ca-file
etcd flag. This is usually done by the installer, or cloud platform.