
III - Administrative Classified

Rules and Groups employed by this XCCDF Profile

  • SRG-APP-000039-CTR-000110

    Group
  • OpenShift must enforce approved authorizations for controlling the flow of information within the container platform based on organization-defined information flow control policies.

    OpenShift provides several layers of protection to control the flow of information between the container platform components and user services. Each user project is given a separate namespace and O...
    Rule Medium Severity
  • SRG-APP-000068-CTR-000120

    Group
  • OpenShift must display the Standard Mandatory DOD Notice and Consent Banner before granting access to platform components.

    OpenShift has countless components where different access levels are needed. To control access, the user must first log into the component and then be presented with a DOD-approved use notification...
    Rule Low Severity
  • SRG-APP-000089-CTR-000150

    Group
  • OpenShift must generate audit records for all DOD-defined auditable events within all components in the platform.

    The OpenShift Platform supports three audit levels: Default, WriteRequestBodies, and AllRequestBodies. The identities of the users are logged for all three audit levels. The WriteRequestB...
    Rule Medium Severity
  • SRG-APP-000091-CTR-000160

    Group
  • OpenShift must generate audit records when successful/unsuccessful attempts to access privileges occur.

    OpenShift and its components must generate audit records when successful/unsuccessful attempts to access or delete security objects, security levels, and privileges occur. All the components must ...
    Rule Medium Severity
  • SRG-APP-000092-CTR-000165

    Group
  • Red Hat Enterprise Linux CoreOS (RHCOS) must initiate session audits at system startup.

    Initiating session audits at system startup allows for comprehensive monitoring of user activities and system events from the moment the system is powered on. Audit logs capture information about l...
    Rule High Severity
  • SRG-APP-000095-CTR-000170

    Group
  • All audit records must identify what type of event has occurred within OpenShift.

    Within the container platform, audit data can be generated from any of the deployed container platform components. This audit data is important when there are issues such as security incidents that...
    Rule Medium Severity
  • SRG-APP-000096-CTR-000175

    Group
  • OpenShift audit records must have a date and time association with all events.

    Within the container platform, audit data can be generated from any of the deployed container platform components. This audit data is important when there are issues, such as security incidents, th...
    Rule Medium Severity
  • SRG-APP-000099-CTR-000190

    Group
  • All audit records must generate the event results within OpenShift.

    Within the container platform, audit data can be generated from any of the deployed container platform components. Since the audit data may be part of a larger audit system, it is important for the...
    Rule Medium Severity
  • SRG-APP-000109-CTR-000215

    Group
  • OpenShift must take appropriate action upon an audit failure.

    It is critical that, when the container platform is at risk of failing to process audit logs as required, it takes action to mitigate the failure. Audit processing failures include software/hard...
    Rule Medium Severity
  • SRG-APP-000111-CTR-000220

    Group
  • OpenShift components must provide the ability to send audit logs to a central enterprise repository for review and analysis.

    Sending audit logs to a central enterprise repository allows for centralized log management. Instead of scattered logs across multiple OpenShift components, having a centralized repository simplifi...
    Rule Medium Severity
