arno/kube-bench
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-11-15 20:39:08 +00:00
Code Issues Releases Wiki Activity

fix simple errors

Browse Source
This commit is contained in:
noqcks 2018-10-09 19:16:08 -04:00
parent ded5aff482
commit e85de9e8af
No known key found for this signature in database
GPG Key ID: BA134834CDD65A0D
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cfg/1.11/master.yaml
View File

@ -484,7 +484,7 @@ groups:
--client-ca-file=<path/to/client-ca-file>
scored: true
- id: 1.1.30
- id: 1.1.30
text: "Ensure that the API Server only makes use of Strong Cryptographic Ciphers (Not Scored)"
audit: "ps -ef | grep $apiserverbin | grep -v grep"
tests:
@ -492,7 +492,7 @@ groups:
- flag: "--tls-cipher-suites"
compare:
op: has
value: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM _SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM _SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM _SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256"
value: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256"
set: true
remediation: |
Edit the API server pod specification file $apiserverconf
@ -775,7 +775,7 @@ groups:
--feature-gates=RotateKubeletServerCertificate=true
scored: true
- id: 1.3.7
- id: 1.3.7
text: "Ensure that the --address argument is set to 127.0.0.1 (Scored)"
audit: "ps -ef | grep $controllermanagerbin | grep -v grep"
tests: