The Kubernetes etcd key-value store provides a way to store data to the Control Plane. If these files can be changed, data to API object and the Control Plane would be compromised. The scheduler will implement the changes immediately. Many of the security settings within the document are implemented through this file.
Check
Review the ownership of the Kubernetes etcd files by using the command:
stat -c %U:%G /var/lib/etcd/* | grep -v etcd:etcd
If the command returns any non etcd:etcd file permissions, this is a finding.
Fix
Change the ownership of the manifest files to etcd:etcd by executing the command: