Property
Language: terraform
Severity: high
Service: container
Provider: Azure
Vulnerability Type: omission

Description

The AKS cluster is not configured with a network policy, allowing unrestricted communication between all pods within the cluster. Without network policies, traffic cannot be controlled or isolated between workloads.

Impact

An attacker who compromises a single pod could freely access and interact with any other pod in the cluster, increasing the risk of lateral movement, data exposure, and disruption of services across the entire Kubernetes environment.

Resolution

Configure a network policy for the AKS cluster.
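
The weak setting beside the corrected one, as an added Terraform example that is not from the original page. It assumes the azurerm provider; the resource names, region and VM size are placeholders.

```terraform
# Added example; all names, the region and the VM size are placeholders.
resource "azurerm_resource_group" "example" {
  name     = "rg-aks-example"
  location = "westeurope"
}

# Flagged: network_profile sets no network_policy, so NetworkPolicy
# objects created in the cluster are not enforced.
resource "azurerm_kubernetes_cluster" "flagged" {
  name                = "aks-flagged"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  dns_prefix          = "aksflagged"

  default_node_pool {
    name       = "default"
    node_count = 1
    vm_size    = "Standard_D2s_v3"
  }

  identity { type = "SystemAssigned" }

  network_profile {
    network_plugin = "azure"
  }
}

# Corrected: network_policy selects an enforcement engine.
resource "azurerm_kubernetes_cluster" "corrected" {
  name                = "aks-corrected"
  location            = azurerm_resource_group.example.location
  resource_group_name = azurerm_resource_group.example.name
  dns_prefix          = "akscorrected"

  default_node_pool {
    name       = "default"
    node_count = 1
    vm_size    = "Standard_D2s_v3"
  }

  identity { type = "SystemAssigned" }

  network_profile {
    network_plugin = "azure"
    network_policy = "calico" # "azure" is another accepted value
  }
}
```

Setting `network_policy` only enables enforcement; pod-to-pod traffic stays open until Kubernetes NetworkPolicy objects are applied to the namespaces that need isolation.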