From 451721a1cf21aafb18ef1bf88a5147a34f885304 Mon Sep 17 00:00:00 2001 From: Liz Rice Date: Wed, 11 Mar 2020 15:48:07 +0000 Subject: [PATCH] Add GKE into list of support tests (#597) Also adds links to the Kubernetes benchmarks Fixes #596 --- README.md | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index d5dcbd2..13813ae 100644 --- a/README.md +++ b/README.md @@ -43,21 +43,17 @@ Table of Contents ## CIS Kubernetes Benchmark support -kube-bench supports the tests for Kubernetes as defined in the CIS Benchmarks 1.3.0 to 1.5.0 respectively. +kube-bench supports the tests for Kubernetes as defined in the [CIS Kubernetes Benchmarks](https://www.cisecurity.org/benchmark/kubernetes/). | CIS Kubernetes Benchmark | kube-bench config | Kubernetes versions | |---|---|---| -| 1.3.0| cis-1.3 | 1.11-1.12 | -| 1.4.1| cis-1.4 | 1.13-1.14 | -| 1.5.0 | cis-1.5 | 1.15- | - - -By default, kube-bench will determine the test set to run based on the Kubernetes version running on the machine. - -kube-bench has preliminary support for Red Hat's OpenShift Hardening Guide for 3.10 and 3.11. -There is also preliminary support for Google's Kubernetes Engine starting from Kubernetes 1.15. -Please note that kube-bench does not automatically detect OpenShift and GKE - see below. +| [1.3.0](https://workbench.cisecurity.org/benchmarks/602) | cis-1.3 | 1.11-1.12 | +| [1.4.1](https://workbench.cisecurity.org/benchmarks/2351) | cis-1.4 | 1.13-1.14 | +| [1.5.0](https://workbench.cisecurity.org/benchmarks/1370) | cis-1.5 | 1.15- | +| [GKE 1.0.0](https://workbench.cisecurity.org/benchmarks/4536) | gke-1.0 | GKE | +| Red Hat OpenShift hardening guide | rh-0.7 | OCP 3.10-3.11 | +By default, kube-bench will determine the test set to run based on the Kubernetes version running on the machine, but please note that kube-bench does not automatically detect OpenShift and GKE - see the section below on [Running kube-bench](https://github.com/aquasecurity/kube-bench#running-kube-bench). ## Installation