arno/kube-bench
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2025-07-20 21:48:09 +00:00
Code Issues Releases Wiki Activity

add support VMware Tanzu(TKGI) Benchmarks v1.2.53

Browse Source 
fixed all the yaml lint errors
This commit is contained in:
Kiran Bodipi 2023-06-01 13:11:05 +05:30
commit 5ca84a80df
6 changed files with 35 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cfg/tkgi-1.2.53/node.yaml
View File

@ -55,7 +55,7 @@ groups:
- id: 4.1.4
text: "Ensure that the proxy kubeconfig file ownership is set to root:root"
audit: stat -c %U:%G /var/vcap/jobs/kube-proxy/config/kubeconfig
type: manual
type: manual
tests:
test_items:
- flag: root:root
@ -181,7 +181,7 @@ groups:
- id: 4.2.2
text: "Ensure that the --authorization-mode argument is not set to AlwaysAllow"
audit: |
audit: |
grep "^authorization:\n\s{2}mode: AlwaysAllow$" /var/vcap/jobs/kubelet/config/kubeletconfig.yml
tests:
test_items:
@ -331,7 +331,7 @@ groups:
- id: 4.2.10
text: "Ensure that the --tls-cert-file and --tls-private-key-file arguments are set as appropriate"
audit: |
audit: |
grep ^tlsCertFile:\s\"\/var\/vcap\/jobs\/kubelet\/config\/kubelet\.pem\"\ntlsPrivateKeyFile:\s\"\/var\/vcap\/jobs\/kubelet\/config\/kubelet-key\.pem\"$
/var/vcap/jobs/kubelet/config/kubeletconfig.yml
tests: