arno/kube-bench
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2024-11-21 15:48:06 +00:00
Code Issues Releases Wiki Activity
a15e8acaa3
kube-bench/cfg
History
Abubakr-Sadik Nii Nai Davis a15e8acaa3
Add GKE 1.6 CIS benchmark for GCP environment (#1672) 
* Add config entries for GKE 1.6 controls

* Add gke1.6 control plane recommendations

* Add gke-1.6.0 worker node recommendations

* Add gke-1.6.0 policy recommendations

* Add managed services and policy recommendation

* Add master recommendations

* Fix formatting across gke-1.6.0 files

* Add gke-1.6.0 benchmark selection based on k8s version

* Workaround: hardcode kubelet config path for gke-1.6.0

* Fix tests for makeIPTablesUtilChaings

* Change scored field for all node tests to true

* Fix kubelet file permission to check for

---------

Co-authored-by: afdesk <work@afdesk.com>
2024-10-11 10:49:35 +06:00
..
ack-1.0 Issue: The initial command produces "root:root" as its output only when the file is present. However, if the file is missing, the command will still run successfully, though the desired output of "root:root" won't be obtained. (#1538) 2023-12-18 09:10:07 +02:00
aks-1.0 Fixed typo in policies.yaml (#1113) 2022-03-13 09:27:25 +02:00
cis-1.5 Issue: The initial command produces "root:root" as its output only when the file is present. However, if the file is missing, the command will still run successfully, though the desired output of "root:root" won't be obtained. (#1538) 2023-12-18 09:10:07 +02:00
cis-1.6 Issue: The initial command produces "root:root" as its output only when the file is present. However, if the file is missing, the command will still run successfully, though the desired output of "root:root" won't be obtained. (#1538) 2023-12-18 09:10:07 +02:00
cis-1.6-k3s Fix to empty grep and other cis-1.6-k3s checks (#1352) 2023-01-13 18:06:57 +02:00
cis-1.7 Modify 1.2.3 Ensure that the DenyServiceExternalIPs is set in CIS-1.7/1.8 (#1607) 2024-09-30 10:30:59 +06:00
cis-1.8 Modify 1.2.3 Ensure that the DenyServiceExternalIPs is set in CIS-1.7/1.8 (#1607) 2024-09-30 10:30:59 +06:00
cis-1.9 update audit script for cis-1.9 kubernetes policies id 5.1.6 (#1655) 2024-10-01 11:48:02 +06:00
cis-1.20 Issue: The initial command produces "root:root" as its output only when the file is present. However, if the file is missing, the command will still run successfully, though the desired output of "root:root" won't be obtained. (#1538) 2023-12-18 09:10:07 +02:00
cis-1.23 Issue: The initial command produces "root:root" as its output only when the file is present. However, if the file is missing, the command will still run successfully, though the desired output of "root:root" won't be obtained. (#1538) 2023-12-18 09:10:07 +02:00
cis-1.24 Issue: The initial command produces "root:root" as its output only when the file is present. However, if the file is missing, the command will still run successfully, though the desired output of "root:root" won't be obtained. (#1538) 2023-12-18 09:10:07 +02:00
cis-1.24-microk8s fix wrong use of flag in test_items found in 4.13 and 4.14 (#1528) 2023-12-03 09:06:35 +02:00
eks-1.0.1 Fixed typo in policies.yaml (#1113) 2022-03-13 09:27:25 +02:00
eks-1.1.0 Support CIS Amazon Elastic Kubernetes Service (EKS) Benchmark v1.1.0 (#1222) 2022-09-15 09:04:54 +03:00
eks-1.2.0 support CIS Amazon Elastic Kubernetes Service (EKS) Benchmark v1.2.0 (#1449) 2023-05-21 17:53:58 +03:00
eks-stig-kubernetes-v1r6 Adding eks-stig-kubernetes-v1r6 (#1266) 2022-09-14 17:40:48 +03:00
gke-1.0 Fixed typo in policies.yaml (#1113) 2022-03-13 09:27:25 +02:00
gke-1.2.0 Fixed typo in policies.yaml (#1113) 2022-03-13 09:27:25 +02:00
gke-1.6.0 Add GKE 1.6 CIS benchmark for GCP environment (#1672) 2024-10-11 10:49:35 +06:00
k3s-cis-1.7 Overhaul of K3s scans (#1659) 2024-09-25 13:12:02 +06:00
k3s-cis-1.8 Overhaul of K3s scans (#1659) 2024-09-25 13:12:02 +06:00
k3s-cis-1.23 Overhaul of K3s scans (#1659) 2024-09-25 13:12:02 +06:00
k3s-cis-1.24 Overhaul of K3s scans (#1659) 2024-09-25 13:12:02 +06:00
rh-0.7 Fix experimental-encryption-provider-config test on OCP 3.11 - Issue #926 (#1024) 2021-10-27 12:56:00 +03:00
rh-1.0 fix: rh-1.0 check 4.1.3 typo (#1652) 2024-10-04 13:42:56 +06:00
rke2-cis-1.7 Rancher checks correction (#1563) 2024-02-12 15:29:36 +02:00
rke2-cis-1.23 Rancher checks correction (#1563) 2024-02-12 15:29:36 +02:00
rke2-cis-1.24 FIXING RKE-2-CIS-1.24 Checks (#1688) 2024-09-24 11:56:58 +06:00
rke-cis-1.7 Overhaul of K3s scans (#1659) 2024-09-25 13:12:02 +06:00
rke-cis-1.23 Overhaul of K3s scans (#1659) 2024-09-25 13:12:02 +06:00
rke-cis-1.24 Overhaul of K3s scans (#1659) 2024-09-25 13:12:02 +06:00
tkgi-1.2.53 add support VMware Tanzu(TKGI) Benchmarks v1.2.53 (#1452) 2023-06-01 16:37:50 +03:00
config.yaml Add GKE 1.6 CIS benchmark for GCP environment (#1672) 2024-10-11 10:49:35 +06:00