Skip to content

Kubernetes Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • The Kubernetes etcd must have file permissions set to 644 or more restrictive.

    <VulnDiscussion>The Kubernetes etcd key-value store provides a way to store data to the Control Plane. If these files can be changed, data to...
    Rule Medium Severity
  • SRG-APP-000516-CTR-001335

    <GroupDescription></GroupDescription>
    Group
  • The Kubernetes admin kubeconfig must have file permissions set to 644 or more restrictive.

    &lt;VulnDiscussion&gt;The Kubernetes admin kubeconfig files contain the arguments and settings for the Control Plane services. These services are c...
    Rule Medium Severity
  • SRG-APP-000516-CTR-001335

    <GroupDescription></GroupDescription>
    Group
  • SRG-APP-000190-CTR-000500

    <GroupDescription></GroupDescription>
    Group

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules