EKS Clusters should have cluster control plane logging turned on
| Property | |
|---|---|
| Language |  |
| Severity |  |
| Service | eks |
| Provider | AWS |
| Vulnerability Type | omission |
Description#
The EKS cluster configuration does not enable control plane logging for critical components such as API, audit, authenticator, controller manager, and scheduler. Without these logs, important activity within the cluster control plane is not captured.
Impact#
Lack of control plane logging makes it difficult to detect, investigate, and respond to unauthorized access or misconfigurations, increasing the risk of undetected security incidents and compliance violations within the Kubernetes environment.
Resolution#
Enable logging for the EKS control plane