Mirantis Kubernetes Engine Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
Swarm Secrets or Kubernetes Secrets must be used.
<VulnDiscussion>Swarm Secrets in Docker Swarm and Kubernetes Secrets both provide mechanisms for encrypting sensitive data at rest. This adds...Rule Medium Severity -
SRG-APP-000038-CTR-000105
<GroupDescription></GroupDescription>Group -
MKE must have Grants created to control authorization to cluster resources.
<VulnDiscussion>MKE uses Role-Based Access Controls (RBAC) to enforce approved authorizations for logical access to information and system re...Rule Medium Severity -
SRG-APP-000039-CTR-000110
<GroupDescription></GroupDescription>Group -
The network ports on all running containers must be limited to required ports.
<VulnDiscussion>To validate that the services are using only the approved ports and protocols, the organization must perform a periodic scan/...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules