diff --git a/cfg/cis-1.5/controlplane.yaml b/cfg/cis-1.5/controlplane.yaml index 94bfff7..51c2612 100644 --- a/cfg/cis-1.5/controlplane.yaml +++ b/cfg/cis-1.5/controlplane.yaml @@ -21,7 +21,11 @@ groups: checks: - id: 3.2.1 text: "Ensure that a minimal audit policy is created (Scored)" - type: "manual" + audit: "/bin/ps -ef | grep $apiserverbin | grep -v grep" + tests: + test_items: + - flag: "--audit-policy-file" + set: true remediation: | Create an audit policy file for your cluster. scored: true diff --git a/cfg/cis-1.6/controlplane.yaml b/cfg/cis-1.6/controlplane.yaml index c116fdb..d4038c3 100644 --- a/cfg/cis-1.6/controlplane.yaml +++ b/cfg/cis-1.6/controlplane.yaml @@ -21,7 +21,11 @@ groups: checks: - id: 3.2.1 text: "Ensure that a minimal audit policy is created (Manual)" - type: "manual" + audit: "/bin/ps -ef | grep $apiserverbin | grep -v grep" + tests: + test_items: + - flag: "--audit-policy-file" + set: true remediation: | Create an audit policy file for your cluster. scored: false diff --git a/cfg/config.yaml b/cfg/config.yaml index 52360fb..c25c103 100644 --- a/cfg/config.yaml +++ b/cfg/config.yaml @@ -186,7 +186,15 @@ etcd: defaultconf: /etc/kubernetes/manifests/etcd.yaml controlplane: - components: [] + components: + - apiserver + + apiserver: + bins: + - "kube-apiserver" + - "hyperkube apiserver" + - "hyperkube kube-apiserver" + - "apiserver" policies: components: [] diff --git a/integration/testdata/cis-1.5/job.data b/integration/testdata/cis-1.5/job.data index 89d6d35..e3a6456 100644 --- a/integration/testdata/cis-1.5/job.data +++ b/integration/testdata/cis-1.5/job.data @@ -193,7 +193,7 @@ on the master node and set the below parameter. [INFO] 3.1 Authentication and Authorization [WARN] 3.1.1 Client certificate authentication should not be used for users (Not Scored) [INFO] 3.2 Logging -[WARN] 3.2.1 Ensure that a minimal audit policy is created (Scored) +[FAIL] 3.2.1 Ensure that a minimal audit policy is created (Scored) [WARN] 3.2.2 Ensure that the audit policy covers key security concerns (Not Scored) == Remediations == @@ -208,8 +208,8 @@ minimum. == Summary == 0 checks PASS -0 checks FAIL -3 checks WARN +1 checks FAIL +2 checks WARN 0 checks INFO [INFO] 4 Worker Node Security Configuration [INFO] 4.1 Worker Node Configuration Files