Capacity
CIP-003-8 R4.2
2
Rule
Severity: High
Ensure that application Namespaces have Network Policies defined.
29
Rule
Severity: Medium
Harden SSH client Crypto Policy
19
Rule
Severity: High
The Installed Operating System Is FIPS 140-2 Certified
7
Rule
Severity: Medium
Disable Prelinking
1
Rule
Severity: Medium
Ensure that File Integrity Operator is scanning the cluster
1
Rule
Severity: High
Ensure that FIPS mode is enabled on all cluster nodes
1
Rule
Severity: Medium
Configure the Client Certificate Authority for the API Server
1
Rule
Severity: Medium
Configure the Encryption Provider Cipher
1
Rule
Severity: Medium
Configure the etcd Certificate Authority for the API Server
1
Rule
Severity: Medium
Configure the etcd Certificate for the API Server
1
Rule
Severity: Medium
Configure the etcd Certificate Key for the API Server
1
Rule
Severity: Medium
Ensure that the --kubelet-https argument is set to true
1
Rule
Severity: High
Configure the kubelet Certificate Authority for the API Server
1
Rule
Severity: High
Configure the kubelet Certificate File for the API Server
1
Rule
Severity: High
Configure the kubelet Certificate Key for the API Server
2
Rule
Severity: Medium
Ensure the openshift-oauth-apiserver service uses TLS
1
Rule
Severity: Medium
Configure the Certificate for the API Server
1
Rule
Severity: Medium
Configure the Certificate Key for the API Server
1
Rule
Severity: High
Only Use LDAP-based IdPs with TLS
1
Rule
Severity: Low
Ensure Controller insecure port argument is unset
1
Rule
Severity: Medium
Ensure that the RotateKubeletServerCertificate argument is set
1
Rule
Severity: Low
Ensure Controller secure-port argument is set
1
Rule
Severity: Medium
Configure the Service Account Certificate Authority Key for the Controller Manager
1
Rule
Severity: Medium
Configure the Service Account Private Key for the Controller Manager
1
Rule
Severity: Medium
Disable etcd Self-Signed Certificates
1
Rule
Severity: Medium
Ensure That The etcd Client Certificate Is Correctly Set
1
Rule
Severity: Medium
Enable The Client Certificate Authentication
1
Rule
Severity: Medium
Ensure That The etcd Key File Is Correctly Set
1
Rule
Severity: Medium
Disable etcd Peer Self-Signed Certificates
1
Rule
Severity: Medium
Ensure That The etcd Peer Client Certificate Is Correctly Set
1
Rule
Severity: Medium
Enable The Peer Client Certificate Authentication
1
Rule
Severity: Medium
Ensure That The etcd Peer Key File Is Correctly Set
1
Rule
Severity: Medium
Ensure That The kubelet Client Certificate Is Correctly Set
1
Rule
Severity: Medium
Ensure That The kubelet Server Key Is Correctly Set
20
Rule
Severity: High
Verify and Correct File Permissions with RPM
14
Rule
Severity: High
Configure BIND to use System Crypto Policy
17
Rule
Severity: High
Configure System Cryptography Policy
15
Rule
Severity: High
Verify and Correct Ownership with RPM
14
Rule
Severity: High
Configure Kerberos to use System Crypto Policy
16
Rule
Severity: High
Configure Libreswan to use System Crypto Policy
16
Rule
Severity: Medium
Configure OpenSSL library to use System Crypto Policy
16
Rule
Severity: Medium
Configure SSH to use System Crypto Policy
5
Rule
Severity: Medium
Install the dracut-fips-aesni Package
5
Rule
Severity: Medium
Install the dracut-fips Package
13
Rule
Severity: High
Ensure '/etc/system-fips' exists
5
Rule
Severity: High
Enable FIPS Mode in GRUB2
12
Rule
Severity: Medium
Harden SSHD Crypto Policy
13
Rule
Severity: High
Ensure Red Hat GPG Key Installed
17
Rule
Severity: High
Encrypt Partitions
29
Rule
Severity: High
Allow Only SSH Protocol 2
9
Rule
Severity: High
Enable Dracut FIPS Module
9
Rule
Severity: High
Enable FIPS Mode
9
Rule
Severity: High
Set kernel parameter 'crypto.fips_enabled' to 1
3
Rule
Severity: Medium
Harden OpenSSL Crypto Policy
1
Rule
Severity: Medium
Ensure that the cluster's audit profile is properly set
1
Rule
Severity: Medium
Ensure that all OpenShift Routes prefer TLS
1
Rule
Severity: Medium
Ensure that the bind-address parameter is not used
2
Rule
Severity: High
Ensure SUSE GPG Key Installed
Patternfly
PatternFly elements
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Modules