You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
32 lines
1.6 KiB
32 lines
1.6 KiB
---
|
|
controls:
|
|
version: "aks-1.0"
|
|
id: 2
|
|
text: "Control Plane Configuration"
|
|
type: "controlplane"
|
|
groups:
|
|
- id: 2.1
|
|
text: "Logging"
|
|
checks:
|
|
- id: 2.1.1
|
|
text: "Enable audit Logs"
|
|
type: "manual"
|
|
remediation: |
|
|
Azure audit logs are enabled and managed in the Azure portal. To enable log collection for
|
|
the Kubernetes master components in your AKS cluster, open the Azure portal in a web
|
|
browser and complete the following steps:
|
|
1. Select the resource group for your AKS cluster, such as myResourceGroup. Don't
|
|
select the resource group that contains your individual AKS cluster resources, such
|
|
as MC_myResourceGroup_myAKSCluster_eastus.
|
|
2. On the left-hand side, choose Diagnostic settings.
|
|
3. Select your AKS cluster, such as myAKSCluster, then choose to Add diagnostic setting.
|
|
4. Enter a name, such as myAKSClusterLogs, then select the option to Send to Log Analytics.
|
|
5. Select an existing workspace or create a new one. If you create a workspace, provide
|
|
a workspace name, a resource group, and a location.
|
|
6. In the list of available logs, select the logs you wish to enable. For this example,
|
|
enable the kube-audit and kube-audit-admin logs. Common logs include the kube-
|
|
apiserver, kube-controller-manager, and kube-scheduler. You can return and change
|
|
the collected logs once Log Analytics workspaces are enabled.
|
|
7. When ready, select Save to enable collection of the selected logs.
|
|
scored: false
|