1
0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-11-25 17:38:21 +00:00
kube-bench/cfg/k3s-cis-1.24/config.yaml
Derek Nola a9422a6623
Overhaul of K3s scans (#1659)
* Overhaul K3s 1.X checks

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Overhaul K3s 2.X Checks

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Overhaul K3s 4.X checks

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Overhaul K3s 5.X checks

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Add K3s cis-1.8 scan

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Fix K3s 1.1.10 check

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Merge journalctl checks for K3s

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Matched Manual/Automated to correct scoring (false/true)

Signed-off-by: Derek Nola <derek.nola@suse.com>

* Remove incorrect use of check_for_default_sa.sh script

Signed-off-by: Derek Nola <derek.nola@suse.com>

---------

Signed-off-by: Derek Nola <derek.nola@suse.com>
Co-authored-by: afdesk <work@afdesk.com>
2024-09-25 13:12:02 +06:00

59 lines
977 B
YAML

---
## Version-specific settings that override the values in cfg/config.yaml
master:
components:
- apiserver
- scheduler
- controllermanager
- etcd
- policies
apiserver:
bins:
- containerd
scheduler:
bins:
- containerd
kubeconfig:
- /var/lib/rancher/k3s/server/cred/scheduler.kubeconfig
controllermanager:
bins:
- containerd
kubeconfig:
- /var/lib/rancher/k3s/server/cred/controller.kubeconfig
etcd:
bins:
- containerd
etcd:
components:
- etcd
etcd:
confs: /var/lib/rancher/k3s/server/db/etcd/config
node:
components:
- kubelet
- proxy
kubelet:
bins:
- containerd
defaultkubeconfig: /var/lib/rancher/k3s/agent/kubelet.kubeconfig
defaultcafile: /var/lib/rancher/k3s/agent/client-ca.crt
proxy:
bins:
- containerd
defaultkubeconfig: /var/lib/rancher/k3s/agent/kubeproxy.kubeconfig
policies:
components:
- policies