mirror of
https://github.com/aquasecurity/kube-bench.git
synced 2025-02-12 07:32:58 +00:00
0d1bd2bbd9
* Delete README.md * Edit readme and separate into different files * Update README.md * Update Running.md * Update CONTRIBUTING.md * Create Contributing.md * Add files via upload * Update Index.md * Rename Flags and Commands.md to Flags_and_commands.md * Rename Index.md to index.md * Create mkdocs.yml * Delete images directory * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * Update README.md * Create mkdocs-dev.yaml * Create mkdocs-latest.yaml * Update mkdocs.yml * Update mkdocs.yml * Update mkdocs.yml Add yamllint --- * Make it yamllint comply * Make Yamllint comply * Make Yamllint comply * Change description Co-authored-by: Itay Shakury <itay@itaysk.com> * Fix syntax Co-authored-by: Itay Shakury <itay@itaysk.com> * Update docs/Architecture.md Co-authored-by: Itay Shakury <itay@itaysk.com> * Update docs/Architecture.md Co-authored-by: Itay Shakury <itay@itaysk.com> * Update example for test files * Update contributing * Delete Contributing.md * Update Flags_and_commands.md * Change syntax and add source * Update Platforms.md * lower case file names * lower case file names * Lower case file names * Lower case file names * Lower case file names * Lower case file names * Add note about inspect master in some platforms * Add quick start * Lower case files names * Lower case files names * Fixing typo * Remove section about old ocp * Fix typos Co-authored-by: Itay Shakury <itay@itaysk.com>
26 lines
1.5 KiB
Markdown
26 lines
1.5 KiB
Markdown
## Test config YAML representation
|
|
|
|
The tests (or "controls") are maintained in YAML documents. There are different versions of these test YAML files reflecting different [versions and platforms of the CIS Kubernetes Benchmark](./platforms.md). You will find more information about the test file YAML definitions in our [controls documentation](./controls.md).
|
|
|
|
## Kube-bench benchmarks
|
|
|
|
The test files for the various versions of Benchmarks can be found in directories
|
|
with same name as the Benchmark versions under the `cfg` directory next to the kube-bench executable,
|
|
for example `./cfg/cis-1.5` will contain all test files for [CIS Kubernetes Benchmark v1.5.1](https://workbench.cisecurity.org/benchmarks/4892) which are:
|
|
master.yaml, controlplane.yaml, node.yaml, etcd.yaml, policies.yaml and config.yaml
|
|
|
|
Check the contents of the benchmark directory under `cfg` to see which targets are available for that benchmark. Each file except `config.yaml` represents a target (also known as a `control` in other parts of this documentation).
|
|
|
|
The following table shows the valid targets based on the CIS Benchmark version.
|
|
| CIS Benchmark | Targets |
|
|
|---|---|
|
|
| cis-1.5| master, controlplane, node, etcd, policies |
|
|
| cis-1.6| master, controlplane, node, etcd, policies |
|
|
| gke-1.0| master, controlplane, node, etcd, policies, managedservices |
|
|
| eks-1.0| controlplane, node, policies, managedservices |
|
|
| ack-1.0| master, controlplane, node, etcd, policies, managedservices |
|
|
| rh-0.7| master,node|
|
|
| rh-1.0| master, controlplane, node, etcd, policies |
|
|
|
|
|