Skip to content
Log In

Guide to the Secure Configuration of Red Hat OpenShift Container Platform 4

Rules, Groups, and Values defined within the XCCDF Benchmark

  • Verify Permissions on the OpenShift Admin Kubeconfig File

    To properly set the permissions of /etc/kubernetes/kubeconfig, run the command: 
    $ sudo chmod 0600 /etc/kubernetes/kubeconfig
    Rule Medium Severity
    Show

  • Verify Permissions on the OpenShift Multus Container Network Interface Plugin Files

    To properly set the permissions of /var/run/multus/cni/net.d/*, run the command: 
    $ sudo chmod 0644 /var/run/multus/cni/net.d/*
    Rule Medium Severity
    Show

  • Verify Permissions on the OpenShift PKI Certificate Files

    To properly set the permissions of <code>/etc/kubernetes/static-pod-resources/kube-*/secrets/*/tls.crt</code>, run the command: <pre>$ sudo chmod 0600 /etc/kubernetes/static-pod-resources/kube-*/s...
    Rule Medium Severity
    Show

  • Verify Permissions on the OpenShift PKI Private Key Files

    To properly set the permissions of /etc/kubernetes/static-pod-resources/*/*/*/*.key, run the command: 
    $ sudo chmod 0600 /etc/kubernetes/static-pod-resources/*/*/*/*.key
    Rule Medium Severity
    Show

  • Verify Permissions on the OpenShift Open vSwitch Files

    To properly set the permissions of /etc/openvswitch/.*, run the command: 
    $ sudo chmod 0644 /etc/openvswitch/.*
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules