1
0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-12-20 21:58:06 +00:00

master.yaml: Add --audit-policy-file check for 1.1.37. (#440)

* master.yaml: Add --audit-policy-file check for 1.1.37.

Signed-off-by: Simarpreet Singh <simar@linux.com>

* fix-177: fix line endings

Signed-off-by: Simarpreet Singh <simar@linux.com>
This commit is contained in:
Simarpreet Singh 2019-10-18 13:23:23 -07:00 committed by GitHub
parent 3964377a80
commit d77eab2234
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 36 additions and 2 deletions

View File

@ -613,7 +613,7 @@ groups:
--admission-control-config-file=<path/to/configuration/file> --admission-control-config-file=<path/to/configuration/file>
scored: true scored: true
- id: 1.1.37 - id: 1.1.37a
text: "Ensure that the AdvancedAuditing argument is not set to false (Scored)" text: "Ensure that the AdvancedAuditing argument is not set to false (Scored)"
audit: "ps -ef | grep $apiserverbin | grep -v grep" audit: "ps -ef | grep $apiserverbin | grep -v grep"
tests: tests:
@ -633,6 +633,23 @@ groups:
--audit-policy-file=/etc/kubernetes/audit-policy.yaml --audit-policy-file=/etc/kubernetes/audit-policy.yaml
scored: true scored: true
- id: 1.1.37b
text: "Ensure that the AdvancedAuditing argument is not set to false (Scored)"
audit: "ps -ef | grep $apiserverbin | grep -v grep"
tests:
test_items:
- flag: "--audit-policy-file"
compare:
op: eq
value: "/etc/kubernetes/audit-policy.yaml"
set: true
remediation: |
Follow the Kubernetes documentation and set the desired audit policy in the
/etc/kubernetes/audit-policy.yaml file. Then, edit the API server pod specification file $apiserverconf
and set the below parameters.
--audit-policy-file=/etc/kubernetes/audit-policy.yaml
scored: true
- id: 1.1.38 - id: 1.1.38
text: "Ensure that the --request-timeout argument is set as appropriate (Scored)" text: "Ensure that the --request-timeout argument is set as appropriate (Scored)"
audit: "ps -ef | grep $apiserverbin | grep -v grep" audit: "ps -ef | grep $apiserverbin | grep -v grep"

View File

@ -618,7 +618,7 @@ groups:
--admission-control-config-file=<path/to/configuration/file> --admission-control-config-file=<path/to/configuration/file>
scored: true scored: true
- id: 1.1.37 - id: 1.1.37a
text: "Ensure that the AdvancedAuditing argument is not set to false (Scored)" text: "Ensure that the AdvancedAuditing argument is not set to false (Scored)"
audit: "ps -ef | grep $apiserverbin | grep -v grep" audit: "ps -ef | grep $apiserverbin | grep -v grep"
tests: tests:
@ -638,6 +638,23 @@ groups:
--audit-policy-file=/etc/kubernetes/audit-policy.yaml --audit-policy-file=/etc/kubernetes/audit-policy.yaml
scored: true scored: true
- id: 1.1.37b
text: "Ensure that the AdvancedAuditing argument is not set to false (Scored)"
audit: "ps -ef | grep $apiserverbin | grep -v grep"
tests:
test_items:
- flag: "--audit-policy-file"
compare:
op: eq
value: "/etc/kubernetes/audit-policy.yaml"
set: true
remediation: |
Follow the Kubernetes documentation and set the desired audit policy in the
/etc/kubernetes/audit-policy.yaml file. Then, edit the API server pod specification file $apiserverconf
and set the below parameters.
--audit-policy-file=/etc/kubernetes/audit-policy.yaml
scored: true
- id: 1.1.38 - id: 1.1.38
text: "Ensure that the --request-timeout argument is set as appropriate (Scored)" text: "Ensure that the --request-timeout argument is set as appropriate (Scored)"
audit: "ps -ef | grep $apiserverbin | grep -v grep" audit: "ps -ef | grep $apiserverbin | grep -v grep"