Kubelet config file location on EKS optimized AMI based on AL2023 has changed

[orsifacundo]

Overview

When performing the checks for Worker Nodes on an EKS Optimized AMI based on Amazon Linux 2023 then the Kubelet checks (4.2) are failing as the config file for this version exists as /etc/kubernetes/kubelet/config.json instead of /etc/kubernetes/kubelet/kubelet-config.json

How did you run kube-bench?

./kube-bench --config-dir pwd/cfg --config pwd/cfg/config.yaml

Environment

kube-bench v0.6.2
AMI: amazon-eks-node-al2023-x86_64-standard-1.30-v20241115

Running processes

/usr/bin/kubelet --config-dir=/etc/kubernetes/kubelet/config.json.d --kubeconfig=/var/lib/kubelet/kubeconfig --image-credential-provider-
bin-dir=/etc/eks/image-credential-provider --image-credential-provider-config=/etc/eks/image-credential-provider/config.json --node-ip=10.0.10.220 --cloud-provider=external --hostname-overr
ide=ip-10-0-10-220.ec2.internal --config=/etc/kubernetes/kubelet/config.json

Anything else you would like to add:

After adding the proper path to the config.yaml file for kube-bench, it worked fine.

[orsifacundo]

Closing this as the new config paths have already been updated since v0.9.0 (#1637). I was using and older version of kube-bench following these installation instructions https://github.com/aquasecurity/kube-bench/blob/main/docs/installation.md#download-and-install-binaries (v0.6.2)