1.2.20 Ensure that the --audit-log-path argument is set

Information

Enable auditing on the Kubernetes API Server and set the desired audit log path.

Rationale:

Auditing the Kubernetes API Server provides a security-relevant chronological set of records documenting the sequence of activities that have affected the system by individual users, administrators or other components of the system. Even though currently, Kubernetes provides only basic audit capabilities, it should be enabled. You can enable it by setting an appropriate audit log path.

Impact:

None

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

None required. This is managed by the cluster apiserver operator.

Default Value:

By default, auditing is enabled.

See Also

https://workbench.cisecurity.org/benchmarks/16094