Merge branch 'master' into fix-2.1.8

6 years ago · 6e80b6477a
parent 6d8788071f e1f5bb1ace
commit 6e80b6477a
1 changed files with 3 additions and 3 deletions
--- a/cfg/1.11/master.yaml
+++ b/cfg/1.11/master.yaml
@ -607,15 +607,15 @@ groups:
    text: "Ensure that the AdvancedAuditing argument is not set to false (Scored)"
    audit: "ps -ef | grep $apiserverbin | grep -v grep"
    tests:
-      bin_op: and
+      bin_op: or
      test_items:
      - flag: "--feature-gates"
        compare:
          op: nothave
          value: "AdvancedAuditing=false"
        set: true
-      - flag: "--audit-policy-file"
-        set: true
+      - flag: "--feature-gates"
+        set: false
    remediation: |
      Follow the Kubernetes documentation and set the desired audit policy in the
      /etc/kubernetes/audit-policy.yaml file. Then, edit the API server pod specification file $apiserverconf