2.2.2 Ensure that the audit policy covers key security concerns

Information

Ensure that the audit policy created for the cluster covers key security concerns.

Rationale:

Security audit logs should cover access and modification of key resources in the cluster, to enable them to form an effective part of a security environment.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

This control cannot be modified in GKE.

Impact:

Increasing audit logging will consume resources on the nodes or other log destination.

Default Value:

See the GKE documentation for the default value.

See Also

https://workbench.cisecurity.org/files/2764