BSI IT-Grundschutz (Basic Protection) Building Block SYS.1.6 and APP.4.4
Rules and Groups employed by this XCCDF Profile
-
Kubernetes - General Security Practices
Contains evaluations for general security practices for operating a Kubernetes environment.Group -
Ensure the notification is enabled for file integrity operator
The OpenShift platform provides the File Integrity Operator to monitor for unwanted file changes, and this control ensures proper notification aler...Rule Medium Severity -
Apply Security Context to Your Pods and Containers
Apply Security Context to your Pods and ContainersRule Medium Severity -
Ensure that GitOps Operator is deployed
Red Hat OpenShift GitOps is a declarative continuous delivery platform based on Argo CD. It enables teams to adopt GitOps principles for managing c...Rule Medium Severity -
Ensure that the kubeadmin secret has been removed
The kubeadmin user is meant to be a temporary user used for bootstrapping purposes. It is preferable to assign system administrators whose users ar...Rule Medium Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.
Capacity
Modules