mirror of
https://github.com/aquasecurity/kube-bench.git
synced 2024-12-24 07:28:06 +00:00
Update master.yaml
Fix 1.1.23 to check *if* --service-account-lookup argument is set and if so then if it's equal to true
This commit is contained in:
parent
573136a700
commit
d059196b71
@ -366,7 +366,10 @@ groups:
|
|||||||
text: "Ensure that the --service-account-lookup argument is set to true (Scored)"
|
text: "Ensure that the --service-account-lookup argument is set to true (Scored)"
|
||||||
audit: "ps -ef | grep $apiserverbin | grep -v grep"
|
audit: "ps -ef | grep $apiserverbin | grep -v grep"
|
||||||
tests:
|
tests:
|
||||||
|
bin_op: or
|
||||||
test_items:
|
test_items:
|
||||||
|
- flag: "--service-account-lookup"
|
||||||
|
set: false
|
||||||
- flag: "--service-account-lookup"
|
- flag: "--service-account-lookup"
|
||||||
compare:
|
compare:
|
||||||
op: eq
|
op: eq
|
||||||
|
Loading…
Reference in New Issue
Block a user