Verify Group Who Owns The OpenShift Admin Kubeconfig File

An XCCDF Rule

Details
Profiles
Prose

Description

To properly set the group owner of /etc/kubernetes/kubeconfig, run the command:

$ sudo chgrp root /etc/kubernetes/kubeconfig

Rationale

The /etc/kubernetes/kubeconfig file contains information about the administrative configuration of the OpenShift cluster that is configured on the system. Protection of this file is critical for OpenShift security.

ID: xccdf_org.ssgproject.content_rule_file_groupowner_kubeconfig
Severity: Medium
References: 1.1.14
Updated: about 1 year ago