mirror of
https://github.com/aquasecurity/kube-bench.git
synced 2026-02-14 10:00:14 +00:00
a34047c105
* Adding eks-stig-kubernetes-v1r6 * Fixing lint errors * Reformatting texts * Removing pinned docker tag * Updating Expected Stig Output Co-authored-by: EC2 Default User <ec2-user@ip-10-0-44-222.ec2.internal>
1.7 KiB
1.7 KiB
CIS Kubernetes Benchmark support
kube-bench supports running tests for Kubernetes. Most of our supported benchmarks are defined in one of the following: CIS Kubernetes Benchmarks STIG Document Library
Some defined by other hardenening guides.
| Source | Kubernetes Benchmark | kube-bench config | Kubernetes versions |
|---|---|---|---|
| CIS | 1.5.1 | cis-1.5 | 1.15 |
| CIS | 1.6.0 | cis-1.6 | 1.16-1.18 |
| CIS | 1.20 | cis-1.20 | 1.19-1.21 |
| CIS | 1.23 | cis-1.23 | 1.22-1.23 |
| CIS | GKE 1.0.0 | gke-1.0 | GKE |
| CIS | GKE 1.2.0 | gke-1.2.0 | GKE |
| CIS | EKS 1.0.1 | eks-1.0.1 | EKS |
| CIS | ACK 1.0.0 | ack-1.0 | ACK |
| CIS | AKS 1.0.0 | aks-1.0 | AKS |
| RHEL | RedHat OpenShift hardening guide | rh-0.7 | OCP 3.10-3.11 |
| CIS | OCP4 1.1.0 | rh-1.0 | OCP 4.1- |
| DISA | Kubernetes Ver 1, Rel 6 | eks-stig-kubernetes-v1r6 | EKS |