Kubernetes Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
The Kubernetes etcd must use TLS to protect the confidentiality of sensitive data during electronic dissemination.
<VulnDiscussion>Kubernetes etcd will prohibit the use of SSL and unauthorized versions of TLS protocols to properly secure communication. Th...Rule Medium Severity -
SRG-APP-000014-CTR-000035
<GroupDescription></GroupDescription>Group -
The Kubernetes etcd must use TLS to protect the confidentiality of sensitive data during electronic dissemination.
<VulnDiscussion>The Kubernetes API Server will prohibit the use of SSL and unauthorized versions of TLS protocols to properly secure communic...Rule Medium Severity -
SRG-APP-000023-CTR-000055
<GroupDescription></GroupDescription>Group -
The Kubernetes Controller Manager must create unique service accounts for each work payload.
<VulnDiscussion>The Kubernetes Controller Manager is a background process that embeds core control loops regulating cluster system state thro...Rule High Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules