mirror of
https://github.com/aquasecurity/kube-bench.git
synced 2024-12-31 19:00:55 +00:00
commit
e1f5bb1ace
@ -607,15 +607,15 @@ groups:
|
|||||||
text: "Ensure that the AdvancedAuditing argument is not set to false (Scored)"
|
text: "Ensure that the AdvancedAuditing argument is not set to false (Scored)"
|
||||||
audit: "ps -ef | grep $apiserverbin | grep -v grep"
|
audit: "ps -ef | grep $apiserverbin | grep -v grep"
|
||||||
tests:
|
tests:
|
||||||
bin_op: and
|
bin_op: or
|
||||||
test_items:
|
test_items:
|
||||||
- flag: "--feature-gates"
|
- flag: "--feature-gates"
|
||||||
compare:
|
compare:
|
||||||
op: nothave
|
op: nothave
|
||||||
value: "AdvancedAuditing=false"
|
value: "AdvancedAuditing=false"
|
||||||
set: true
|
set: true
|
||||||
- flag: "--audit-policy-file"
|
- flag: "--feature-gates"
|
||||||
set: true
|
set: false
|
||||||
remediation: |
|
remediation: |
|
||||||
Follow the Kubernetes documentation and set the desired audit policy in the
|
Follow the Kubernetes documentation and set the desired audit policy in the
|
||||||
/etc/kubernetes/audit-policy.yaml file. Then, edit the API server pod specification file $apiserverconf
|
/etc/kubernetes/audit-policy.yaml file. Then, edit the API server pod specification file $apiserverconf
|
||||||
|
Loading…
Reference in New Issue
Block a user