ACK Cluster Public Endpoint Check
ID: rule:aliyun:ack-cluster-public-endpoint-check
Severity: high
Description
ACK clusters should not have a public endpoint set, or the associated SLB listener should have ACL enabled.
Reason for Violation
The ACK cluster has a public endpoint enabled, which may expose the API server to the internet.
Recommendation
Disable the public endpoint for the ACK cluster by setting 'EndpointPublicAccess' to false.
Resource Types
ALIYUN::CS::ASKClusterALIYUN::CS::ManagedKubernetesCluster