1.1.13 Ensure that the admin.conf file permissions are set to 600 or more restrictive

Information

Ensure that the admin.conf file has permissions of 600 or more restrictive.

Rationale:

The admin.conf is the administrator kubeconfig file defining various settings for the administration of the cluster. You should restrict its file permissions to maintain the integrity of the file. The file should be writable by only the administrators on the system.

Impact:

None.

Solution

Run the below command (based on the file location on your system) on the master node. For example,

chmod 600 /etc/kubernetes/admin.conf

Default Value:

By default, admin.conf has permissions of 640.

See Also

https://workbench.cisecurity.org/files/3891