Red Hat OpenShift Container Platform 4.12 Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000505-CTR-001285
<GroupDescription></GroupDescription>Group -
OpenShift audit records must record user access start and end times.
<VulnDiscussion>OpenShift must generate audit records showing start and end times for users and services acting on behalf of a user accessing...Rule Medium Severity -
SRG-APP-000506-CTR-001290
<GroupDescription></GroupDescription>Group -
OpenShift must generate audit records when concurrent logons from different workstations and systems occur.
<VulnDiscussion>OpenShift and its components must generate audit records for concurrent logons from workstations perform remote maintenance, ...Rule Medium Severity -
SRG-APP-000141-CTR-000315
<GroupDescription></GroupDescription>Group -
OpenShift must use FIPS-validated SHA-2 or higher hash function for digital signature generation and verification (nonlegacy use).
<VulnDiscussion>Using a FIPS-validated SHA-2 or higher hash function for digital signature generation and verification in OpenShift ensures s...Rule Medium Severity -
Red Hat Enterprise Linux CoreOS (RHCOS) must disable SSHD service.
<VulnDiscussion>Any direct remote access to the RHCOS nodes is not allowed. RHCOS is a single-purpose container operating system and is only ...Rule High Severity -
SRG-APP-000141-CTR-000315
<GroupDescription></GroupDescription>Group -
Red Hat Enterprise Linux CoreOS (RHCOS) must disable USB Storage kernel module.
<VulnDiscussion>Disabling the USB Storage kernel module helps protect against potential data exfiltration or unauthorized access to sensitive...Rule Medium Severity -
SRG-APP-000141-CTR-000315
<GroupDescription></GroupDescription>Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.