Information
Kubernetes can audit the details of requests made to the API server. The --audit-policy-file flag must be set for this logging to be enabled.
Rationale:
Logging is an important detective control for all systems, to detect potential unauthorized access.
Impact:
Audit logs will be created on the master nodes, which will consume disk space. Care should be taken to avoid generating too large volumes of log information as this could impact the available of the cluster nodes.
Solution
Create an audit policy file for your cluster.
Default Value:
Unless the --audit-policy-file flag is specified, no auditing will be carried out.