kube-bench
kube-bench copied to clipboard
aquasecurity
Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
Bumps golang from 1.22.0 to 1.22.1. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0. Release notes Sourced from github.com/stretchr/testify's releases. v1.9.0 What's Changed Fix Go modules version by @SuperQ in stretchr/testify#1394 Document that require is not safe to...
Bumps [github.com/aws/aws-sdk-go-v2/service/securityhub](https://github.com/aws/aws-sdk-go-v2) from 1.29.1 to 1.46.2. Commits ce842a7 Release 2023-12-01 d40f923 Regenerated Clients 3a00ef5 Update API model 1f61a06 fix: correct recognition and zeroing of cache-wrapped AnonymousCredentials (#... 623d430 fix: correct...
Bumps [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) from 1.25.2 to 1.25.3. Commits be4380a Release 2024-03-07 d811bc7 Regenerated Clients b3e8224 Update API model 5011554 regen for copying ddbstreams attribute value after dropping go-cmp 6c816bc dep: drop...
**Overview** The kube-bench pod when running the latest (v0.7.1) version of the aquasec/kube-bench image errors `failed to output to ASFF: finding publish failed: not found, ResolveEndpointV2` deployed via job-eks-asff.yaml Does...
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4 to 5. Release notes Sourced from actions/setup-python's releases. v5.0.0 What's Changed In scope of this release, we update node version runtime from node16 to node20 (actions/setup-python#772)....
**Overview** Currently within the CIS 1.7 for test 1.2.3; the test is manual using `ps -ef | grep kube-apiserver`. Then a manual search for `--disabled-admission-plugins=DenyServiceExternalIPs`. Could the test be refined...
**Overview** We are trying to install kube-bench on GKE. But we are getting read only file system error for `/srv/kubernetes` and `/opt/cni` volume mount directories. So instead of using the...
**Overview** Kube-bench checks are failing when the `flagVal` and `compareValue` are empty strings and `flagName` is given. - **Expected Outcome** ``` Js {label: “empty - val”, op: “eq”, flagVal: “”,...
**Overview** cfg/cis-1.6-k3s benchmark has some failing tests, which either does not match K3s CIS hardening reference or checks completely incorrect fields. **Examples:** * Check, that does not match description and...
Metadata
Owner
Metadata
Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark