Guide to the Secure Configuration of Amazon Elastic Kubernetes Service
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Kube controller manager config check - use service account
Kube controller manager config check - use service accountValue -
OpenShift etcd Settings
Contains rules that check correct OpenShift etcd settings.Group -
Etcd config filter
Etcd config filterValue -
Etcd config file path
Etcd config file pathValue -
kubelet - Allow Automatic Firewall Configuration
The kubelet has the ability to automatically configure the firewall to allow the containers required ports and connections to networking resources ...Rule Medium Severity -
kubelet - Enable Server Certificate Rotation
To enable the kubelet to rotate server certificates, edit the kubelet configuration file <code>/etc/kubernetes/kubelet/kubelet-config.json</code> o...Rule Medium Severity -
OpenShift - Master Node Settings
Contains evaluations for the master node configuration settings.Group -
OpenShift API Server
This section contains recommendations for openshift-apiserver configuration.Group -
Role-based Access Control
Role-based access control (RBAC) objects determine whether a user is allowed to perform a given action within a project. Cluster administrators ca...Group -
OpenShift - Risk Assessment Settings
Contains evaluations for the cluster's risk assessment configuration settings.Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules