CIS Kubernetes v1.24 Benchmark v1.0.0 L2 Master

Audit Details

Name: CIS Kubernetes v1.24 Benchmark v1.0.0 L2 Master

Updated: 6/17/2024

Authority: CIS

Plugin: Unix

Revision: 1.5

Estimated Item Count: 13

File Details

Filename: CIS_Kubernetes_v1.24_v1.0.0_Level_2_Master.audit

Size: 46 kB

MD5: 2c16f631abf0ec02695420dcccb5c0a5
SHA256: 8ac63d3af6009ad3f6229ba1760d4f9f56877f6e3161626ae11fcb9bfdbc71f6

Audit Changelog

Revision 1.5

Jun 17, 2024

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.4

Apr 12, 2023

Functional Update
  • 1.3.6 Ensure that the RotateKubeletServerCertificate argument is set to true
  • 2.7 Ensure that a unique Certificate Authority is used for etcd
  • 3.2.2 Ensure that the audit policy covers key security concerns
  • 5.2.10 Minimize the admission of containers with capabilities assigned
  • 5.2.7 Minimize the admission of root containers
  • 5.3.2 Ensure that all Namespaces have Network Policies defined
  • 5.4.1 Prefer using secrets as files over secrets as environment variables
  • 5.4.2 Consider external secret storage
  • 5.5.1 Configure Image Provenance using ImagePolicyWebhook admission controller
  • 5.7.2 Ensure that the seccomp profile is set to docker/default in your pod definitions
  • 5.7.3 Apply Security Context to Your Pods and Containers
  • 5.7.4 The default namespace should not be used
Informational Update
  • 3.2.2 Ensure that the audit policy covers key security concerns
Miscellaneous
  • Metadata updated.
  • Platform check updated.
Removed
  • CIS_Kubernetes_v1.24_v1.0.0_Level_2_Master.audit from CIS Kubernetes v1.24 Benchmark v1.0.0
Revision 1.3

Mar 7, 2023

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.2

Jan 4, 2023

Miscellaneous
  • Metadata updated.
  • Variables updated.
Revision 1.1

Dec 7, 2022

Miscellaneous
  • Metadata updated.