Australian Cyber Security Centre (ACSC) Essential Eight

Rules and Groups employed by this XCCDF Profile

  • Kubernetes Settings

    Each section of this configuration guide includes information about the configuration of a Kubernetes cluster and a set of recommendations for hardening the configuration. For each hardening recomm...
    Group
  • OpenShift Kube API Server

    This section contains recommendations for kube-apiserver configuration.
    Group
  • Configure the Encryption Provider Cipher

    When you enable etcd encryption, the following OpenShift API server and Kubernetes API server resources are encrypted: Secrets, ConfigMaps, Routes, ...
    Rule Medium Severity
  • Use Strong Cryptographic Ciphers on the API Server

    To ensure that the API Server is configured to only use strong cryptographic ciphers, verify the openshift-kube-apiserver configmap contains the following set of ciphers, with no addit...
    Rule Medium Severity
  • Authentication

    In cloud workloads, there are many ways to create and configure multiple authentication services. Some of these authentication methods may not be secure or common methodologies, or they may not b...
    Group
  • Do Not Use htpasswd-based IdP

    For users to interact with OpenShift Container Platform, they must first authenticate to the cluster. The authentication layer identifies the user associated with requests to the...
    Rule Medium Severity
  • Kubernetes - General Security Practices

    Contains evaluations for general security practices for operating a Kubernetes environment.
    Group
  • This is a helper rule to fetch the required api resource for detecting HyperShift OCP version

    no description
    Rule Medium Severity
  • This is a helper rule to fetch the required api resource for detecting OCP version

    no description
    Rule Medium Severity
  • Role-based Access Control

    Role-based access control (RBAC) objects determine whether a user is allowed to perform a given action within a project. Cluster administrators can use the cluster roles and bindings to control wh...
    Group