mirror of
https://github.com/aquasecurity/kube-bench.git
synced 2024-12-22 14:48:07 +00:00
Resolved bug in master.yml for cis-1.5 for the apiserverbin variable name (#567)
Co-authored-by: Liz Rice <liz@lizrice.com>
This commit is contained in:
parent
813dc6ef47
commit
89f8e454ba
@ -734,7 +734,7 @@ groups:
|
||||
|
||||
- id: 1.2.21
|
||||
text: "Ensure that the --profiling argument is set to false (Scored)"
|
||||
audit: "/bin/ps -ef | grep $apiserver | grep -v grep"
|
||||
audit: "/bin/ps -ef | grep $apiserverbin | grep -v grep"
|
||||
tests:
|
||||
test_items:
|
||||
- flag: "--profiling"
|
||||
@ -963,7 +963,7 @@ groups:
|
||||
remediation: |
|
||||
Edit the API server pod specification file $apiserverconf
|
||||
on the master node and set the below parameter.
|
||||
--tls-cipher-suites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
|
||||
--tls-cipher-suites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256
|
||||
scored: false
|
||||
|
||||
- id: 1.3
|
||||
|
Loading…
Reference in New Issue
Block a user