12/2/2023 0 Comments Aws cis benchmark toolScored recommendations affect the benchmark score whether the recommendation applies to the user's specific environment or not. Depends on Environment - The recommendation is applied in the user's specific environment and is not controlled by AKS.AKS clusters use a Helm chart to deploy control plane pods and don't rely on files in the node VM. The CIS Kubernetes benchmark recommends these files must have certain permission requirements. Kubernetes clusters by default use a manifest model to deploy the control plane pods, which rely on files from the node VM. ![]() N/A - The recommendation relates to manifest file permission requirements that are not relevant to AKS.Fail - The recommendation has not been applied.Pass - The recommendation has been applied.Recommendations can have one of the following statuses: L2, or Level 2, recommends security settings for environments requiring greater security that could result in some reduced functionality.L1, or Level 1, recommends essential basic security requirements that can be configured on any system and should cause little or no interruption of service or reduced functionality.Scored recommendations affect the benchmark score if they are not applied, while Not Scored recommendations don't.ĬIS benchmarks provide two levels of security settings: These are applicable to AKS 1.21.x through AKS 1.24.x. The following are the results from the CIS Kubernetes V1.24 Benchmark v1.0.0 recommendations on AKS. For more information on the CIS benchmark, see Center for Internet Security (CIS) Benchmarks. For more information about AKS security, see Security concepts for applications and clusters in Azure Kubernetes Service (AKS). This article covers the security hardening applied to AKS based on the CIS Kubernetes benchmark. As a secure service, Azure Kubernetes Service (AKS) complies with SOC, ISO, PCI DSS, and HIPAA standards.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |