github/kube-bench
1
0
Fork 0
mirror of https://github.com/aquasecurity/kube-bench.git synced 2026-02-14 18:10:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

Support CIS Google Kubernetes Engine (GKE) Benchmark v1.2.0 (#1050)

Browse Source 
* Support CIS Google Kubernetes Engine (GKE) Benchmark v1.2.0

* restore gke-1.0

Co-authored-by: Yoav Rotem <yoavrotems97@gmail.com>
This commit is contained in:
Huang Huang
2021-12-09 18:04:38 +08:00
committed by GitHub
parent 26b07a8a4c
commit 2d6bf55ab2
14 changed files with 1342 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
docs/architecture.md
View File

@@ -19,6 +19,7 @@ The following table shows the valid targets based on the CIS Benchmark version.
| cis-1.6| master, controlplane, node, etcd, policies |
|cis-1.20| master, controlplane, node, etcd, policies |
| gke-1.0| master, controlplane, node, etcd, policies, managedservices |
| gke-1.2.0| controlplane, node, policies, managedservices |
| eks-1.0.1| controlplane, node, policies, managedservices |
| ack-1.0| master, controlplane, node, etcd, policies, managedservices |
| aks-1.0| controlplane, node, policies, managedservices |

1
docs/platforms.md
View File

@@ -11,6 +11,7 @@ Some defined by other hardenening guides.
| CIS | [1.6.0](https://workbench.cisecurity.org/benchmarks/4834) | cis-1.6 | 1.16-1.18 |
| CIS | [1.20](https://workbench.cisecurity.org/benchmarks/6246) | cis-1.20 | 1.19-1.20 |
| CIS | [GKE 1.0.0](https://workbench.cisecurity.org/benchmarks/4536) | gke-1.0 | GKE |
| CIS | [GKE 1.2.0](https://workbench.cisecurity.org/benchmarks/7534) | gke-1.2.0 | GKE |
| CIS | [EKS 1.0.1](https://workbench.cisecurity.org/benchmarks/6041) | eks-1.0.1 | EKS |
| CIS | [ACK 1.0.0](https://workbench.cisecurity.org/benchmarks/6467) | ack-1.0 | ACK |
| CIS | [AKS 1.0.0](https://workbench.cisecurity.org/benchmarks/6347) | aks-1.0 | AKS |

3
docs/running.md
View File

@@ -120,8 +120,9 @@ kube-bench includes a set of test files for Red Hat's OpenShift hardening guide
| CIS Benchmark | Targets |
|---|---|
| gke-1.0| master, controlplane, node, etcd, policies, managedservices |
| gke-1.2.0| master, controlplane, node, policies, managedservices |
kube-bench includes benchmarks for GKE. To run this you will need to specify `--benchmark gke-1.0` when you run the `kube-bench` command.
kube-bench includes benchmarks for GKE. To run this you will need to specify `--benchmark gke-1.0` or `--benchmark gke-1.2.0` when you run the `kube-bench` command.
To run the benchmark as a job in your GKE cluster apply the included `job-gke.yaml`.