Skip to content

Red Hat OpenShift Container Platform 4.12 Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • SRG-APP-000068-CTR-000120

    <GroupDescription></GroupDescription>
    Group
  • OpenShift must display the Standard Mandatory DOD Notice and Consent Banner before granting access to platform components.

    &lt;VulnDiscussion&gt;OpenShift has countless components where different access levels are needed. To control access, the user must first log into ...
    Rule Low Severity
  • SRG-APP-000089-CTR-000150

    <GroupDescription></GroupDescription>
    Group
  • OpenShift must generate audit records for all DOD-defined auditable events within all components in the platform.

    &lt;VulnDiscussion&gt;The OpenShift Platform supports three audit levels: Default, WriteRequestBodies, and AllRequestBodies. The identities of the ...
    Rule Medium Severity
  • SRG-APP-000091-CTR-000160

    <GroupDescription></GroupDescription>
    Group
  • OpenShift must generate audit records when successful/unsuccessful attempts to access privileges occur.

    &lt;VulnDiscussion&gt;OpenShift and its components must generate audit records successful/unsuccessful attempts to access or delete security object...
    Rule Medium Severity
  • SRG-APP-000092-CTR-000165

    <GroupDescription></GroupDescription>
    Group
  • Red Hat Enterprise Linux CoreOS (RHCOS) must initiate session audits at system startup.

    &lt;VulnDiscussion&gt;Initiating session audits at system startup allows for comprehensive monitoring of user activities and system events from the...
    Rule High Severity
  • SRG-APP-000095-CTR-000170

    <GroupDescription></GroupDescription>
    Group
  • All audit records must identify what type of event has occurred within OpenShift.

    &lt;VulnDiscussion&gt;Within the container platform, audit data can be generated from any of the deployed container platform components. This audit...
    Rule Medium Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules