TF 0370 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
EKS Clusters should have cluster control plane logging turned on
| Property | Value |
|---|---|
| Language |  |
| Severity |  |
| Service | eks |
| Provider | AWS |
| Vulnerability Type | omission |
Description
The EKS cluster configuration does not enable control plane logging for critical components such as API, audit, authenticator, controller manager, and scheduler. Without these logs, important activity within the cluster control plane is not captured.
Impact
Lack of control plane logging makes it difficult to detect, investigate, and respond to unauthorized access or misconfigurations, increasing the risk of undetected security incidents and compliance violations within the Kubernetes environment.
Resolution
Enable logging for the EKS control plane