arno/kube-bench
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-11-22 16:18:07 +00:00
Code Issues Releases Wiki Activity

Resolved bug in master.yml for cis-1.5 for the apiserverbin variable name (#567)

Browse Source 
Co-authored-by: Liz Rice <liz@lizrice.com>
This commit is contained in:
mustafa-rean 2020-01-22 19:30:23 +05:30 committed by Liz Rice
parent 813dc6ef47
commit 89f8e454ba
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cfg/cis-1.5/master.yaml
View File

@ -734,7 +734,7 @@ groups:
- id: 1.2.21 - id: 1.2.21
text: "Ensure that the --profiling argument is set to false (Scored)" text: "Ensure that the --profiling argument is set to false (Scored)"
audit: "/bin/ps -ef | grep $apiserver | grep -v grep" audit: "/bin/ps -ef | grep $apiserverbin | grep -v grep"
tests: tests:
test_items: test_items:
- flag: "--profiling" - flag: "--profiling"
@ -963,7 +963,7 @@ groups:
remediation: | remediation: |
Edit the API server pod specification file $apiserverconf Edit the API server pod specification file $apiserverconf
on the master node and set the below parameter. on the master node and set the below parameter.
--tls-cipher-suites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 --tls-cipher-suites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256
scored: false scored: false
- id: 1.3 - id: 1.3