Guide to the Secure Configuration of Red Hat OpenShift Container Platform 4
Rules, Groups, and Values defined within the XCCDF Benchmark
-
OpenShift Kube APIServer TLS cert
OpenShift Kube APIServer TLS certValue -
OpenShift Kube APIServer TLS private key
OpenShift Kube APIServer TLS private keyValue -
OpenShift Kube APIServer kubelet certificate authority
OpenShift Kube APIServer kubelet certificate authorityValue -
OpenShift Kube APIServer kubelet client cert
OpenShift Kube APIServer kubelet client certValue -
Root of files obtained from OCP nodes
When scanning OpenShift clusters, some settings are not exposed as files. In the case that they are exported from the cluster (typically as yaml fi...Value -
OpenShift Kube APIServer kubelet client key
OpenShift Kube APIServer kubelet client keyValue -
Introduction
The purpose of this guidance is to provide security configuration recommendations and baselines for Red Hat OpenShift Container Platform 4. The gui...Group -
General Principles
The following general principles motivate much of the advice in this guide and should also influence any configuration decisions that are not expli...Group -
Encrypt Transmitted Data Whenever Possible
Data transmitted over a network, whether wired or wireless, is susceptible to passive monitoring. Whenever practical solutions for encrypting such ...Group -
Least Privilege
Grant the least privilege necessary for user accounts and software to perform tasks. For example, <code>sudo</code> can be implemented to limit aut...Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules