kube-bench
kube-bench copied to clipboard

Published 20 hours ago •

Reame
Issues

Add latest CIS benchmarks

Open damejeras opened this issue 2 years ago • 11 comments

trafficstars

I copied latest AKS(1.0.0), EKS(1.2.0), GKE(1.2.0) config files and adjusted them to match latest published CIS benchmarks (AKS 1.3, EKS 1.3, GKE 1.4).

EKS changes:

4.5 was removed (was previously empty), 4.6.* became 4.5.*
3.2.6 was removed and everything shifted

GKE changes:

3.2.6 was removed and everything shifted
previously 3.2.9, now is 3.2.9 and its about event record qps. 0 qps can ddos cluster, so 5 or higher is recommended.
5.5.4 added “When creating New Clusters - ” prefix to rule name

AKS changes:

3.2.6 was removed and everything shifted in 3.2.*

Aug 09 '23 11:08 damejeras

All committers have signed the CLA.

Aug 09 '23 11:08 CLAassistant

@damejeras lets wait for @mozillazg review

Nov 13 '23 06:11 chen-keinan

@damejeras please rebase your branch with upstream

Nov 13 '23 06:11 chen-keinan

I will complete the review before next Monday.

Nov 13 '23 14:11 mozillazg

@damejeras LGTM. Would you please fix the linter error? Thanks!

Nov 24 '23 14:11 mozillazg

@damejeras ping~

Dec 03 '23 03:12 mozillazg

Hello, Any news on this ? I have to add since that PR, gke 1.5.0 got out.

Mar 14 '24 09:03 stephaneetje

LGTM

Apr 12 '24 08:04 kahirokunn

@damejeras @mozillazg hi guys! if this PR is still OK, I can take a look and fix linter errors. wdyt?

Oct 15 '24 08:10 afdesk

@damejeras @mozillazg hi guys! if this PR is still OK, I can take a look and fix linter errors. wdyt?

@afdesk It's ok to continue.

Oct 15 '24 13:10 mozillazg

@damejeras it seems I have no permissions to fix it. Could you update the PR? thanks for your contribution!

Oct 21 '24 09:10 afdesk