From 39dfe93b686e71de8c9e9d8d88f636537815b47c Mon Sep 17 00:00:00 2001 From: Konstantinos Tsakalozos Date: Mon, 18 Nov 2024 05:56:28 +0200 Subject: [PATCH] Ensure 127.0.0.1 for the --bind-address parameter (#1723) --- cfg/cis-1.24/master.yaml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/cfg/cis-1.24/master.yaml b/cfg/cis-1.24/master.yaml index bd11d8b..8d132a3 100644 --- a/cfg/cis-1.24/master.yaml +++ b/cfg/cis-1.24/master.yaml @@ -900,14 +900,11 @@ groups: text: "Ensure that the --bind-address argument is set to 127.0.0.1 (Automated)" audit: "/bin/ps -ef | grep $controllermanagerbin | grep -v grep" tests: - bin_op: or test_items: - flag: "--bind-address" compare: op: eq value: "127.0.0.1" - - flag: "--bind-address" - set: false remediation: | Edit the Controller Manager pod specification file $controllermanagerconf on the control plane node and ensure the correct value for the --bind-address parameter @@ -935,14 +932,11 @@ groups: text: "Ensure that the --bind-address argument is set to 127.0.0.1 (Automated)" audit: "/bin/ps -ef | grep $schedulerbin | grep -v grep" tests: - bin_op: or test_items: - flag: "--bind-address" compare: op: eq value: "127.0.0.1" - - flag: "--bind-address" - set: false remediation: | Edit the Scheduler pod specification file $schedulerconf on the control plane node and ensure the correct value for the --bind-address parameter