arno/kube-bench
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-12-18 20:58:10 +00:00
Code Issues Releases Wiki Activity

update the yaml according (#410)

Browse Source 
The update is from the new cis version 1.4.1.
like been done in https://github.com/aquasecurity/kube-bench/issues/370
This commit is contained in:
yoavrotems 2019-09-02 15:40:45 +00:00 committed by Liz Rice
parent ec3b1076c0
commit ea9089bd42
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
cfg/1.13-json/node.yaml
View File

@ -226,11 +226,12 @@ groups:
scored: true scored: true
- id: 2.1.11 - id: 2.1.11
text: "Ensure that the --cadvisor-port argument is set to 0 (Scored)" text: "[DEPRECATED] Ensure that the --cadvisor-port argument is set to 0"
# This is one of those properties that can only be set as a command line argument. # This is one of those properties that can only be set as a command line argument.
# To check if the property is set as expected, we need to parse the kubelet command # To check if the property is set as expected, we need to parse the kubelet command
# instead reading the Kubelet Configuration file. # instead reading the Kubelet Configuration file.
audit: "ps -fC $kubeletbin" audit: "ps -fC $kubeletbin"
type: skip
tests: tests:
bin_op: or bin_op: or
test_items: test_items:
@ -248,7 +249,7 @@ groups:
Based on your system, restart the kubelet service. For example: Based on your system, restart the kubelet service. For example:
systemctl daemon-reload systemctl daemon-reload
systemctl restart kubelet.service systemctl restart kubelet.service
scored: true scored: false
- id: 2.1.12 - id: 2.1.12
text: "Ensure that the --rotate-certificates argument is not set to false (Scored)" text: "Ensure that the --rotate-certificates argument is not set to false (Scored)"