1
0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-11-26 01:49:28 +00:00

Update EKS 1.3 benchmark

This commit is contained in:
Darius Mejeras 2023-11-20 15:27:09 +02:00
parent 865ce7cb54
commit d1c2c0746b
3 changed files with 4 additions and 4 deletions

View File

@ -9,6 +9,6 @@ groups:
text: "Logging"
checks:
- id: 2.1.1
text: "Enable audit logs (Manual)"
text: "Enable audit logs (Automated)"
remediation: "Enable control plane logging for API Server, Audit, Authenticator, Controller Manager, and Scheduler."
scored: false

View File

@ -9,7 +9,7 @@ groups:
text: "Image Registry and Image Scanning"
checks:
- id: 5.1.1
text: "Ensure Image Vulnerability Scanning using Amazon ECR image scanning or a third-party provider (Manual)"
text: "Ensure Image Vulnerability Scanning using Amazon ECR image scanning or a third-party provider (Automated)"
type: "manual"
remediation: |
To utilize AWS ECR for Image scanning please follow the steps below:
@ -129,7 +129,7 @@ groups:
text: "Authentication and Authorization"
checks:
- id: 5.5.1
text: "Manage Kubernetes RBAC users with AWS IAM Authenticator for Kubernetes (Manual)"
text: "Manage Kubernetes RBAC users with AWS IAM Authenticator for Kubernetes or Upgrade to AWS CLI v1.16.156 or greater (Manual)"
type: "manual"
remediation: |
Refer to the 'Managing users or IAM roles for your cluster' in Amazon EKS documentation.

View File

@ -27,7 +27,7 @@ groups:
scored: false
- id: 4.1.3
text: "Minimize wildcard use in Roles and ClusterRoles (Manual)"
text: "Minimize wildcard use in Roles and ClusterRoles (Automated)"
type: "manual"
remediation: |
Where possible replace any use of wildcards in clusterroles and roles with specific