PSRule.Rules.Azure icon indicating copy to clipboard operation
PSRule.Rules.Azure copied to clipboard

Published 20 hours ago verified publisher icon Azure

Improve guidance of logging kube-audit or kube-audit-admin

Open BernieWhite opened this issue 2 years ago • 0 comments

Existing rule

Azure.AKS.AuditLogs

Suggested rule

Update the guidance. Both kube-audit or kube-audit-admin should not be enabled. Update the docs to reflect that:

  • Either log can be enabled.
  • Enabling logging for both would increase cost and duplicate some log data.

Pillar

Security

Additional context

  • https://azure.github.io/PSRule.Rules.Azure/en/rules/Azure.AKS.AuditLogs/
  • https://learn.microsoft.com/azure/aks/monitor-aks-reference#resource-logs

BernieWhite avatar Sep 29 '23 15:09 BernieWhite