Red Hat OpenShift Container Platform 4.12 Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
OpenShift must contain the latest images with most recent updates and execute within the container platform runtime as authorized by IAVM, CTOs, DTMs, and STIGs.
It is critical to the security and stability of the container platform and the software services running on the platform to ensure that images are deployed through a trusted software supply chain. ...Rule Medium Severity -
The Compliance Operator must be configured.
The Compliance Operator enables continuous compliance monitoring within OpenShift. It regularly assesses the environment against defined compliance policies and automatically detects and reports an...Rule Medium Severity -
OpenShift must generate audit records when successful/unsuccessful attempts to modify privileges occur.
Audit records provide a crucial source of information for security monitoring and incident response. By generating audit records for privilege modification attempts, OpenShift enables administrator...Rule Medium Severity -
OpenShift must generate audit records when successful/unsuccessful logon attempts occur.
Audit records provide valuable information for security monitoring and intrusion detection. By generating audit logs for logon attempts, OpenShift enables administrators and security teams to track...Rule Medium Severity -
Red Hat Enterprise Linux CoreOS (RHCOS) must disable SSHD service.
Any direct remote access to the RHCOS nodes is not allowed. RHCOS is a single-purpose container operating system and is only supported as a component of the OpenShift Container Platform. Remote man...Rule High Severity -
OpenShift must use FIPS-validated SHA-2 or higher hash function for digital signature generation and verification (nonlegacy use).
Using a FIPS-validated SHA-2 or higher hash function for digital signature generation and verification in OpenShift ensures strong cryptographic security, compliance with industry standards, and pr...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.