arno/kube-bench
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-12-20 05:38:13 +00:00
Code Issues Releases Wiki Activity

Update master.yaml

Browse Source 
Fix 1.1.23 to check *if* --service-account-lookup argument is set and if so then if it's equal to true
This commit is contained in:
yoavrotems 2019-03-25 14:41:06 +02:00 committed by GitHub
parent 573136a700
commit d059196b71
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
cfg/1.13/master.yaml
View File

@ -366,7 +366,10 @@ groups:
text: "Ensure that the --service-account-lookup argument is set to true (Scored)"
audit: "ps -ef | grep $apiserverbin | grep -v grep"
tests:
bin_op: or
test_items:
- flag: "--service-account-lookup"
set: false
- flag: "--service-account-lookup"
compare:
op: eq