Closed cwrx777 closed 1 month ago
Are you sure you're using etcd at all? By default, k3s uses sqlite. If you're not using etcd, then the etcd-specific bits of the hardening guide are not relevant.
Correct, the CIS scans are only considered valid if you are running K3s with embedded etcd aka --cluster-init
. Upstream and CIS don't have a concept of a non-etcd
K8s cluster when it comes to security hardening.
The etcd config is created after using --cluster-init
release: 1.29.4 I am unable to find etcd config as stated here