While I can’t give you a definitive answer on K8S, you should also monitor the main certificate expiration. You can find the expiration date from the browser on your IFS Cloud page.
Also see https://docs.ifs.com/techdocs/23r2/030_administration/120_monitoring/020_app_mon/100_app_mon_metrics/030_app_mon_metrics/140_certificate/ .

The main certificate is set in the beginning of your ifscloud-values.yaml -file , from a file on your management server. You do need to renew the file and install it using the ‘mtinstaller’ feature (which also runs as part of a normal delivery install).

Rebuilding the linux box also regenerates K8S certificates, as they are generated by the system. This needs to be done anyhow to update remote-bins with new versions, which is expected to occur at least yearly if not twice. If updates are not made, it is possible to reinstall the Kubernetes cluster by re-running the main.ps1 -script, specifically the
.\main.ps1 -resource 'KUBERNETES'
bit. See https://docs.ifs.com/techdocs/23r2/070_remote_deploy/010_installing_fresh_system/030_preparing_server/50_windows_managementserver/#install_or_reinstall_kubernetes_cluster .
Reinstalling Kubernetes requires the next steps as well, to get the config and reinstall IFS.
Note! mtinstaller should be used on installer.cmd to avoid unnecessary input on the database.

https://docs.ifs.com/techdocs/23r2/070_remote_deploy/010_installing_fresh_system/030_preparing_server/50_management_server/  (direct links seem to have changed)