ACK Cluster RRSA Enabled
ID: rule:aliyun:ack-cluster-rrsa-enabled
Severity: medium
Description
Ensures that the RAM Roles for Service Accounts (RRSA) feature is enabled for the ACK cluster.
Reason for Violation
RRSA allows pods to assume RAM roles, providing a more secure and fine-grained way to manage permissions.
Recommendation
Enable RRSA for the ACK cluster.
Resource Types
ALIYUN::CS::AnyClusterALIYUN::CS::ManagedKubernetesCluster