mirror of
https://github.com/aquasecurity/kube-bench.git
synced 2024-12-24 07:28:06 +00:00
master.yaml: Add --audit-policy-file check for 1.1.37. (#440)
* master.yaml: Add --audit-policy-file check for 1.1.37. Signed-off-by: Simarpreet Singh <simar@linux.com> * fix-177: fix line endings Signed-off-by: Simarpreet Singh <simar@linux.com>
This commit is contained in:
parent
3964377a80
commit
d77eab2234
cfg
@ -613,7 +613,7 @@ groups:
|
|||||||
--admission-control-config-file=<path/to/configuration/file>
|
--admission-control-config-file=<path/to/configuration/file>
|
||||||
scored: true
|
scored: true
|
||||||
|
|
||||||
- id: 1.1.37
|
- id: 1.1.37a
|
||||||
text: "Ensure that the AdvancedAuditing argument is not set to false (Scored)"
|
text: "Ensure that the AdvancedAuditing argument is not set to false (Scored)"
|
||||||
audit: "ps -ef | grep $apiserverbin | grep -v grep"
|
audit: "ps -ef | grep $apiserverbin | grep -v grep"
|
||||||
tests:
|
tests:
|
||||||
@ -633,6 +633,23 @@ groups:
|
|||||||
--audit-policy-file=/etc/kubernetes/audit-policy.yaml
|
--audit-policy-file=/etc/kubernetes/audit-policy.yaml
|
||||||
scored: true
|
scored: true
|
||||||
|
|
||||||
|
- id: 1.1.37b
|
||||||
|
text: "Ensure that the AdvancedAuditing argument is not set to false (Scored)"
|
||||||
|
audit: "ps -ef | grep $apiserverbin | grep -v grep"
|
||||||
|
tests:
|
||||||
|
test_items:
|
||||||
|
- flag: "--audit-policy-file"
|
||||||
|
compare:
|
||||||
|
op: eq
|
||||||
|
value: "/etc/kubernetes/audit-policy.yaml"
|
||||||
|
set: true
|
||||||
|
remediation: |
|
||||||
|
Follow the Kubernetes documentation and set the desired audit policy in the
|
||||||
|
/etc/kubernetes/audit-policy.yaml file. Then, edit the API server pod specification file $apiserverconf
|
||||||
|
and set the below parameters.
|
||||||
|
--audit-policy-file=/etc/kubernetes/audit-policy.yaml
|
||||||
|
scored: true
|
||||||
|
|
||||||
- id: 1.1.38
|
- id: 1.1.38
|
||||||
text: "Ensure that the --request-timeout argument is set as appropriate (Scored)"
|
text: "Ensure that the --request-timeout argument is set as appropriate (Scored)"
|
||||||
audit: "ps -ef | grep $apiserverbin | grep -v grep"
|
audit: "ps -ef | grep $apiserverbin | grep -v grep"
|
||||||
|
@ -618,7 +618,7 @@ groups:
|
|||||||
--admission-control-config-file=<path/to/configuration/file>
|
--admission-control-config-file=<path/to/configuration/file>
|
||||||
scored: true
|
scored: true
|
||||||
|
|
||||||
- id: 1.1.37
|
- id: 1.1.37a
|
||||||
text: "Ensure that the AdvancedAuditing argument is not set to false (Scored)"
|
text: "Ensure that the AdvancedAuditing argument is not set to false (Scored)"
|
||||||
audit: "ps -ef | grep $apiserverbin | grep -v grep"
|
audit: "ps -ef | grep $apiserverbin | grep -v grep"
|
||||||
tests:
|
tests:
|
||||||
@ -638,6 +638,23 @@ groups:
|
|||||||
--audit-policy-file=/etc/kubernetes/audit-policy.yaml
|
--audit-policy-file=/etc/kubernetes/audit-policy.yaml
|
||||||
scored: true
|
scored: true
|
||||||
|
|
||||||
|
- id: 1.1.37b
|
||||||
|
text: "Ensure that the AdvancedAuditing argument is not set to false (Scored)"
|
||||||
|
audit: "ps -ef | grep $apiserverbin | grep -v grep"
|
||||||
|
tests:
|
||||||
|
test_items:
|
||||||
|
- flag: "--audit-policy-file"
|
||||||
|
compare:
|
||||||
|
op: eq
|
||||||
|
value: "/etc/kubernetes/audit-policy.yaml"
|
||||||
|
set: true
|
||||||
|
remediation: |
|
||||||
|
Follow the Kubernetes documentation and set the desired audit policy in the
|
||||||
|
/etc/kubernetes/audit-policy.yaml file. Then, edit the API server pod specification file $apiserverconf
|
||||||
|
and set the below parameters.
|
||||||
|
--audit-policy-file=/etc/kubernetes/audit-policy.yaml
|
||||||
|
scored: true
|
||||||
|
|
||||||
- id: 1.1.38
|
- id: 1.1.38
|
||||||
text: "Ensure that the --request-timeout argument is set as appropriate (Scored)"
|
text: "Ensure that the --request-timeout argument is set as appropriate (Scored)"
|
||||||
audit: "ps -ef | grep $apiserverbin | grep -v grep"
|
audit: "ps -ef | grep $apiserverbin | grep -v grep"
|
||||||
|
Loading…
Reference in New Issue
Block a user