lacework-global-745
Minimize access to secrets (Automated)
Description
The Kubernetes API stores secrets, which may be service account tokens for the Kubernetes API or credentials used by workloads in the cluster. Restrict access to these secrets to the smallest possible group of users to reduce the risk of privilege escalation.
Remediation
Where possible, remove get, list and watch access to secret objects in the cluster.