1/17/2024 0 Comments Cis benchmark automationOptional features that cluster operators can enable and configure to improve their compliance.Recommendations affecting running workloads on user clusters.We broadly categorized recommendations made by the benchmark into three categories: ![]() For example, some recommendations in chapter 1 recommend certain file permissions on manifests like kube-apiserver but KKP does not write those to disk at all, so that recommendation does not apply to KKP. So, KKP’s control plane design would mark tests that should be considered “passed” as “failed”. However, those tools make certain assumptions around cluster architecture. To meet our commitment, we introduced several changes and new features with our open source Kubermatic Kubernetes Platform (KKP) 2.19 that will help platform operators score better results on the CIS Benchmark and subsequently provide a standardized security level to their developers and end users.The CIS Benchmark recommendations can also be automatically validated with various tools. Kubermatic is committed to deliver a modern and secure Kubernetes platform. ![]() Among them is the CIS Benchmark for Kubernetes, which is being published and is receiving updates since 2017. Over the past years, several guidelines to secure Kubernetes clusters have been released. With Kubernetes becoming an ubiquitous platform for running software at scale, an obvious but sometimes overlooked topic is security.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |