Medium

Ensure Ingress does not use unsafe annotations

Security & Compliance
No items found.
Description

When running Kubernetes clusters, ingress resources are used to expose services outside of the cluster. However, some annotations can pose a security risk by exposing sensitive information or allowing unsafe configurations. To ensure ingress does not use unsafe annotations, it is important to review and restrict the use of annotations that can be exploited by attackers. For example, the nginx.ingress.kubernetes.io/auth-secret annotation can be used to configure basic authentication credentials for an ingress resource. If the value of the annotation is a secret, an attacker who gains access to the secret can potentially gain access to the ingress. Therefore, it is recommended to review the annotations used in ingress resources and remove any unsafe annotations that could lead to security vulnerabilities.

Remediation

To remediate the issue of ensuring Ingress does not use unsafe annotations, follow the below steps:

  1. Identify the unsafe annotations in the Ingress resources. Review the Kubernetes documentation for a list of allowed annotations and remove the unsafe ones.
  2. Update the Kubernetes admission controller configuration to block the use of any unsafe annotations by modifying the controller manager configuration.
  3. Configure the Kubernetes admission controller to enforce a validating webhook that checks the annotations on Ingress resources during the creation or update of the resource.
  4. Use a tool like kube-bench to automatically detect unsafe Ingress annotations and alert administrators to remediate them.
  5. Educate developers on the importance of not using unsafe annotations in Kubernetes Ingress resources, and make it a part of the standard security training and practices.

By implementing the above steps, an organization can ensure that the Kubernetes Ingress resources do not use any unsafe annotations, thereby reducing the risk of potential security breaches.

Enforced Resources
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.