From e85de9e8af25cf5fe5783df4812832928250d973 Mon Sep 17 00:00:00 2001 From: noqcks Date: Tue, 9 Oct 2018 19:16:08 -0400 Subject: [PATCH] fix simple errors --- cfg/1.11/master.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cfg/1.11/master.yaml b/cfg/1.11/master.yaml index 0da9393..77e7ba0 100644 --- a/cfg/1.11/master.yaml +++ b/cfg/1.11/master.yaml @@ -484,7 +484,7 @@ groups: --client-ca-file= scored: true -- id: 1.1.30 + - id: 1.1.30 text: "Ensure that the API Server only makes use of Strong Cryptographic Ciphers (Not Scored)" audit: "ps -ef | grep $apiserverbin | grep -v grep" tests: @@ -492,7 +492,7 @@ groups: - flag: "--tls-cipher-suites" compare: op: has - value: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM _SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM _SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM _SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256" + value: "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256" set: true remediation: | Edit the API server pod specification file $apiserverconf @@ -775,7 +775,7 @@ groups: --feature-gates=RotateKubeletServerCertificate=true scored: true - - id: 1.3.7 + - id: 1.3.7 text: "Ensure that the --address argument is set to 127.0.0.1 (Scored)" audit: "ps -ef | grep $controllermanagerbin | grep -v grep" tests: