From 27df1f60ed4523f2a0b254d8e5ab16323e492781 Mon Sep 17 00:00:00 2001 From: Liz Rice Date: Sat, 1 Jun 2019 18:17:09 +0200 Subject: [PATCH] Clarification about worker nodes in managed k8s MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Because we don’t want to put people off running kube-bench altogether in these environments --- README.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index fbd261c..c4ddf29 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,9 @@ kube-bench logo -kube-bench is a Go application that checks whether Kubernetes is deployed securely by running the checks documented in the [CIS Kubernetes Benchmark](https://www.cisecurity.org/benchmark/kubernetes/). Note that it is impossible to inspect master nodes of managed clusters, e.g. GKE, EKS and AKS, using kube-bench as one does not have access to such nodes. +kube-bench is a Go application that checks whether Kubernetes is deployed securely by running the checks documented in the [CIS Kubernetes Benchmark](https://www.cisecurity.org/benchmark/kubernetes/). + +Note that it is impossible to inspect the master nodes of managed clusters, e.g. GKE, EKS and AKS, using kube-bench as one does not have access to such nodes, although it is still possible to use kube-bench to check worker node configuration in these environments. Tests are configured with YAML files, making this tool easy to update as test specifications evolve.
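Review bot: In the added "Note that it is impossible to inspect the master nodes..." paragraph, the point the commit message wants readers to take away (kube-bench is still worth running on GKE, EKS and AKS) sits in a trailing "although" clause after the limitation, so a skimming reader still sees "impossible" first. Consider splitting it into two sentences and leading with what works, for example: "On managed clusters such as GKE, EKS and AKS, kube-bench can check worker node configuration. The master nodes of these clusters cannot be inspected because you do not have access to them." The paragraph also does not say how to limit a run to the worker node checks. A pointer to the relevant usage section of the README would help readers on managed clusters get started.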