mirror of
https://github.com/aquasecurity/kube-bench.git
synced 2024-11-29 19:38:12 +00:00
7027b6b2ec
* Create cis-1.9 yamls and Update info - policies.yaml - 5.1.1 to 5.1.6 were adapted from Manual to Automated - 5.1.3 got broken down into 5.1.3.1 and 5.1.3.2 - 5.1.6 got broken down into 5.1.6.1 and 5.1.6.2 - version was set to cis-1.9 - node.yaml master.yaml controlplane.yaml etcd.yaml - version was set to cis-1.9 * Adapt master.yaml - Expand 1.1.13/1.1.14 checks by adding super-admin.conf to the permission and ownership verification - Remove 1.2.12 Ensure that the admission control plugin SecurityContextDeny is set if PodSecurityPolicy is not used (Manual) - Adjust numbering from 1.2.12 to 1.2.29 * Adjust policies.yaml - Check 5.2.3 to 5.2.9 Title Automated to Manual * Append node.yaml - Create 4.3 kube-config group - Create 4.3.1 Ensure that the kube-proxy metrics service is bound to localhost (Automated) * Adjust policies 5.1.3 and 5.1.6 - Merge 5.1.3.1 and 5.1.3.2 into 5.1.3 (use role_is_compliant and clusterrole_is_compliant) - Remove 5.1.6.1 and promote 5.1.6.2 to 5.1.6 since it natively covered 5.1.6.1 artifacts * Add kubectl dependency and update publish - Download kubectl (build stage) based on version and architecture - Add binary checksum verification - Use go env GOARCH for ARCH
3 lines
77 B
YAML
3 lines
77 B
YAML
---
|
|
## Version-specific settings that override the values in cfg/config.yaml
|