mirror of
https://github.com/aquasecurity/kube-bench.git
synced 2024-11-21 23:58:06 +00:00
fix 4.2.11 in cis-1.20 should be Automated (#1213)
This commit is contained in:
parent
907d952fb3
commit
e6b3eddb03
@ -388,7 +388,7 @@ groups:
|
||||
scored: false
|
||||
|
||||
- id: 4.2.11
|
||||
text: "Ensure that the --rotate-certificates argument is not set to false (Manual)"
|
||||
text: "Ensure that the --rotate-certificates argument is not set to false (Automated)"
|
||||
audit: "/bin/ps -fC $kubeletbin"
|
||||
audit_config: "/bin/cat $kubeletconf"
|
||||
tests:
|
||||
@ -412,7 +412,7 @@ groups:
|
||||
Based on your system, restart the kubelet service. For example:
|
||||
systemctl daemon-reload
|
||||
systemctl restart kubelet.service
|
||||
scored: false
|
||||
scored: true
|
||||
|
||||
- id: 4.2.12
|
||||
text: "Verify that the RotateKubeletServerCertificate argument is set to true (Manual)"
|
||||
|
2
integration/testdata/Expected_output.data
vendored
2
integration/testdata/Expected_output.data
vendored
@ -240,7 +240,7 @@ minimum.
|
||||
[PASS] 4.2.8 Ensure that the --hostname-override argument is not set (Manual)
|
||||
[WARN] 4.2.9 Ensure that the --event-qps argument is set to 0 or a level which ensures appropriate event capture (Manual)
|
||||
[WARN] 4.2.10 Ensure that the --tls-cert-file and --tls-private-key-file arguments are set as appropriate (Manual)
|
||||
[PASS] 4.2.11 Ensure that the --rotate-certificates argument is not set to false (Manual)
|
||||
[PASS] 4.2.11 Ensure that the --rotate-certificates argument is not set to false (Automated)
|
||||
[PASS] 4.2.12 Verify that the RotateKubeletServerCertificate argument is set to true (Manual)
|
||||
[WARN] 4.2.13 Ensure that the Kubelet only makes use of Strong Cryptographic Ciphers (Manual)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user