1
0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-11-22 16:18:07 +00:00
Commit Graph

10 Commits

Author SHA1 Message Date
Huang Huang
6589eb16e1
Support CIS Amazon Elastic Kubernetes Service (EKS) Benchmark v1.0.1 (#1045)
* Update eks-1.0 to support CIS EKS Benchmark v1.0.1

* add "No remediation"

* rename eks-1.0 to eks-1.0.1

Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-11-18 10:42:53 +02:00
Nick
cb7ee765a3
K8s Job Command Clean (#923)
* Update commands

* oopsy on run command

* update reference version for iks to be 120

Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
2021-07-07 18:21:30 +03:00
Michael Kandelaars
3e9b5a7b49
Refactor of EKS and ASFF integration Job and instructions (#794)
* Refactor to use Configmap for EKS and ASFF integration

* newline

* markdown fix

* formatting fix

* Update docs/asff.md

Co-authored-by: Liz Rice <liz@lizrice.com>

* typo

* docs: remove section about rebuilding

* docs: reminder to specify kube-bench image for ASFF

Co-authored-by: Liz Rice <liz@lizrice.com>
2021-02-22 14:28:36 +00:00
Brian Terry
c3f94dd89f
Aws asff (#770)
* add aasf

* add AASF format

* credentials provider

* add finding publisher

* add finding publisher

* add write AASF path

* add testing

* read config from file

* update docker file

* refactor

* remove sample

* add comments

* Add comment in EKS config.yaml

* Fix comment typo

* Fix spelling of ASFF

* Fix typo and other small code review suggestions

* Limit length of Actual result field

Avoids this message seen in testing:
  Message:Finding does not adhere to Amazon Finding Format. data.ProductFields['Actual result'] should NOT be longer than 1024 characters.

* Add comment for ASFF schema

* Add Security Hub documentation

* go mod tidy

* remove dupe lines in docs

* support integration in any region

* fix README link

* fix README links

Co-authored-by: Liz Rice <liz@lizrice.com>
2020-11-23 19:43:53 +00:00
Paavan
20ec5d14f2
added eks-1.0 cfg and modified job-eks.yaml for node checks (#639)
* added eks-1.0 cfg and modified job-eks.yaml for node checks

* fixed yamllint errors and README updates
2020-07-10 16:14:41 +01:00
Nick Smith
77f66511e7 Set all host-mounted volumes to be read-only. (#569)
By setting all host-mounted volumes to be read-only we reduce the likelihood
any host filesystem is modified by running kube-bench.
2020-01-28 10:45:31 -05:00
James Ward
5f34058dc7 Support Linting YAML as part of Travis CI build (#554)
* add yamllint command to travis CI

installs and runs a linter across the YAML in the
project to ensure consistency in the written YAML.

this uses yamllint and the default yamllint config with
"truthy" and "line-length" disabled.

* run dos2unix on CRLF files

* YAMLLINT: remove trailing spaces

* YAMLLint: add YAML document start

* YAMLLint: too many spaces around bracket

* YAMLLint: fix indentation

* YAMLLint: remove duplicate key

* YAMLLint: newline at end of file

* YAMLLint: Too few spaces after comma

* YAMLLint: too many spaces after colon
2020-01-06 09:18:25 +00:00
Nando Theessen
91bd47f296 Fixes job-eks.yaml to not fail on startup (#461) 2019-10-25 20:31:57 -04:00
Saiyam Pathak
39d9ef9d37 usr-bin volume mount not required (#424)
usr-bin volume mount not required as using kubelet version in command
2019-10-24 14:49:33 +01:00
Liz Rice
fa60fb68fd
Add job for EKS 2019-04-11 18:45:16 +01:00